diff options
| -rw-r--r-- | src/man/sssd-ldap.5.xml | 44 | ||||
| -rw-r--r-- | src/providers/ldap/ldap_common.c | 12 |
2 files changed, 12 insertions, 44 deletions
diff --git a/src/man/sssd-ldap.5.xml b/src/man/sssd-ldap.5.xml index d488ab37a..8e6a4a394 100644 --- a/src/man/sssd-ldap.5.xml +++ b/src/man/sssd-ldap.5.xml @@ -2331,50 +2331,6 @@ ldap_access_filter = memberOf=cn=allowedusers,ou=Groups,dc=example,dc=com <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="include/ldap_search_bases.xml" /> </varlistentry> - <varlistentry> - <term>ldap_user_search_filter (string)</term> - <listitem> - <para> - This option specifies an additional LDAP search - filter criteria that restrict user searches. - </para> - <para> - This option is <emphasis>deprecated</emphasis> in - favor of the syntax used by ldap_user_search_base. - </para> - <para> - Default: not set - </para> - <para> - Example: - </para> - <programlisting> - ldap_user_search_filter = (loginShell=/bin/tcsh) - </programlisting> - <para> - This filter would restrict user searches to users - that have their shell set to /bin/tcsh. - </para> - </listitem> - </varlistentry> - - <varlistentry> - <term>ldap_group_search_filter (string)</term> - <listitem> - <para> - This option specifies an additional LDAP search - filter criteria that restrict group searches. - </para> - <para> - This option is <emphasis>deprecated</emphasis> in - favor of the syntax used by ldap_group_search_base. - </para> - <para> - Default: not set - </para> - </listitem> - </varlistentry> - <varlistentry condition="with_sudo"> <term>ldap_sudo_search_base (string)</term> <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="include/ldap_search_bases.xml" /> diff --git a/src/providers/ldap/ldap_common.c b/src/providers/ldap/ldap_common.c index b668a48e3..d649e3332 100644 --- a/src/providers/ldap/ldap_common.c +++ b/src/providers/ldap/ldap_common.c @@ -792,6 +792,18 @@ errno_t common_parse_search_base(TALLOC_CTX *mem_ctx, goto done; } + if (old_filter != NULL) { + /* Using a deprecated ldap_{user,group}_search_filter */ + DEBUG(SSSDBG_IMPORTANT_INFO, ("WARNING: Using a deprecated filter " + "option for %s. Please see the documentation on LDAP search " + "bases to see how the obsolete option can be migrated\n", + class_name)); + sss_log(SSS_LOG_NOTICE, "WARNING: Using a deprecated filter option" + "for %s. Please see the documentation on LDAP search bases " + "to see how the obsolete option can be migrated\n", + class_name); + } + ret = sdap_create_search_base(search_bases, unparsed_base, LDAP_SCOPE_SUBTREE, old_filter, &search_bases[0]); |