From 85ad849189d1372459da5c5015eb0fae9f53cb77 Mon Sep 17 00:00:00 2001 From: Ludovic Marcotte Date: Wed, 10 Jun 2015 20:05:13 -0400 Subject: [PATCH] Revert "Revert "Improved rationale"" This reverts commit 6994c029b8d1fe53840aedd3916c775f66465ebe. --- SoObjects/SOGo/SOGoUserManager.m | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/SoObjects/SOGo/SOGoUserManager.m b/SoObjects/SOGo/SOGoUserManager.m index b671d5ec1..d50ac05f2 100644 --- a/SoObjects/SOGo/SOGoUserManager.m +++ b/SoObjects/SOGo/SOGoUserManager.m @@ -459,7 +459,16 @@ static Class NSNullK; // If we are using multidomain and the UIDFieldName is not part of the email address // we must also try to bind without the domain part since internally, SOGo will use - // UID @ domain as its unique identifier. + // UIDFieldName @ domain as its unique identifier if the UIDFieldName is used to + // authenticate. This can happen for example of one has in LDAP: + // + // dn: uid=foo,dc=example,dc=com + // uid: foo + // mail: broccoli@example.com + // + // and authenticates with "foo", using bindFields = (uid, mail) and SOGoEnableDomainBasedUID = YES; + // The -checkLogin:... above would have failed because SOGo would first try to bind using: foo@example.com + // if (!checkOK && *domain && [sd enableDomainBasedUID] && r.location != NSNotFound) { checkOK = [sogoSource checkLogin: [login substringToIndex: r.location]