Hello,
We are configuring DevTest in order to use ActiveDirectory authentication.
After some tests we saw 2 things.
The first thing, there are 2 LDAP searchRequest sent when the user authenticates. The first request "searchRequest baseOjbect" with no result because the user entry is located in a subplace. And the second request "searchRequest wholeSubtree", with one result.
Why 2 requests ? One request "searchRequest wholeSubtree" can make the same thing (and avoid unuseful sollicitations).
The second thing, is how to reduce the number of attributes returned by the searchRequest ? Is there any way to configure it in DevTest ? There are about 39 items returned, but only 2 seems useful (CN and memberOf).
Best regards
Benoit