From 2c62da337e31217d03f5bf0f768b574d166bb2fe Mon Sep 17 00:00:00 2001
From: Stephen Gallagher <sgallagh@redhat.com>
Date: Tue, 12 Jun 2012 20:29:26 -0400
Subject: LDAP: Auto-detect support for the ldap match rule

This patch extends the RootDSE lookup so that we will perform a
second request to test whether the match rule syntax can be used.

If both groups and initgroups are disabled in the configuration,
this lookup request can be skipped.
---
 src/providers/ldap/ldap_opts.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'src/providers/ldap/ldap_opts.h')

diff --git a/src/providers/ldap/ldap_opts.h b/src/providers/ldap/ldap_opts.h
index 1c21bea9..2d08f7a6 100644
--- a/src/providers/ldap/ldap_opts.h
+++ b/src/providers/ldap/ldap_opts.h
@@ -103,7 +103,7 @@ struct dp_option default_basic_opts[] = {
     { "ldap_idmap_default_domain", DP_OPT_STRING, NULL_STRING, NULL_STRING },
     { "ldap_idmap_default_domain_sid", DP_OPT_STRING, NULL_STRING, NULL_STRING },
     { "ldap_groups_use_matching_rule_in_chain", DP_OPT_BOOL, BOOL_FALSE, BOOL_FALSE },
-    { "ldap_initgroups_use_matching_rule_in_chain", DP_OPT_BOOL, BOOL_FALSE, BOOL_FALSE },
+    { "ldap_initgroups_use_matching_rule_in_chain", DP_OPT_BOOL, BOOL_TRUE, BOOL_FALSE },
     DP_OPTION_TERMINATOR
 };
 
-- 
cgit