[SERVER-25375] Change LDAP Authorization Defaults to Conform to Active Directory Deployments Created: 01/Aug/16 Updated: 08/Sep/21 Resolved: 19/Aug/16 |
|
| Status: | Closed |
| Project: | Core Server |
| Component/s: | Security |
| Affects Version/s: | None |
| Fix Version/s: | None |
| Type: | Improvement | Priority: | Major - P3 |
| Reporter: | Spencer Jackson | Assignee: | Andreas Nilsson |
| Resolution: | Duplicate | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Issue Links: |
|
||||||||
| Backwards Compatibility: | Fully Compatible | ||||||||
| Sprint: | Security (08/08/16), Security 19 (08/29/16) | ||||||||
| Participants: | |||||||||
| Case: | (copied to CRM) | ||||||||
| Description |
|
By default LDAP Authorization should use a query which locks onto entities by userPrincipalName and acquires their memberOf attribute. Most users of this feature will probably be using AD, and we should make the default query conform to this. |