On 25/11/2018 11:44, Olivier JUDITH wrote:
From my point of view , the easiest way to solve this is to set a search filter on the OU corresponding to the tenant on each phone. Can you modify the software on the phone ?
Unfortunately not. The telephone handset firmware is written by various third parties, and we have no access to it.
This would also be insecure. Anyone with the username and password of a telephone and who could use an LDAP client such as LDAP search could bypass the filter to see all the users in all the tenants (i.e. every ou).
The other way could be by creating a 389 plugin that add a filter on the good OU regarding the DN of user which make the call to the ldap.
That might be an option. Do you know where I can find documentation on how to do this?
-- Alistair Cunningham +1 888 468 3111 +44 20 799 39 799 https://enswitch.com/ _______________________________________________ 389-users mailing list -- 389-users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to 389-users-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/389-users@xxxxxxxxxxxxxxxxxxxxxxx