In plone.app.ldap there's an option to assign a set of roles to all LDAP users. Is there a way to get the same effect with pas.plugins.ldap?
I think I see why there is no equivalent option in the config. pas.plugins.ldap does not instantiate the user object like plone.app.ldap does but relies on the default factory, so there is no way of directly setting roles. But maybe there's some alternative or workaround? I'm also thinking about the feasibility of registering the plugin as a role provider and assign roles like that. But I suppose the user would have to be looked up a second time to decide whether it's an LDAP user or not, which is not ideal.