First of, this removes the dreaded LDAP DN regex. Further, upon saving a LDAP realm in the UI, it tries to connect & bind using the provided credentials, providing the user with immediate feedback whether they are valid or not.
The same approach is already implemented in PBS [0], and I'll plan to implement the same for PMG too, if & when the PVE side is done. Testing ------- Changes were tested against slapd 2.5.13+dfsg-5, using both the web UI and `pveum` to create and update realms with different combinations of valid and invalid parameters, mixed with using new `check-connection` parameter. Prior art --------- This completely supersedes the previous series [1]. This series is a complete new approach to it (also why this also isn't marked as v3), which previously tried to solve this using a new schema format by validated DNs using Net::LDAP::Util::canonical_dn(). But this has the problem that it does not support AD-specific DN syntax. After a off-list discussion with Lukas (summary [2]), it was decided to rather implement it much like PBS does it - simply drop the explicit validation of DN parameters, instead just trying to connect & bind to the target server - although I'm always open for other/better suggestions to tackle this. [0] https://git.proxmox.com/?p=proxmox-backup.git;a=commitdiff;h=5210f3b5 [1] https://lists.proxmox.com/pipermail/pve-devel/2023-July/058392.html [2] https://lists.proxmox.com/pipermail/pve-devel/2023-July/058540.html -- 2.41.0 _______________________________________________ pve-devel mailing list pve-devel@lists.proxmox.com https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
