Comment 7 for bug 1309228

Revision history for this message
Brant Knudson (blk-u) wrote : Re: User gets group auth if same id

The fix for the LDAP backend is trickier... the entry for the role assignments has a member attribute containing the DNs for both users and groups. If it was easy to compare DNs then this would be an easy check, just see if the entry is in the user tree or the group tree. Unfortunately, LDAP DNs cannot be compared with a simple string comparison, or even case-insensitive comparison.