[Date Prev][Date Next] [Chronological] [Thread] [Top]

Chasing referrals with search base set (ITS#1991)



Full_Name: Tomas Maly
Version: 2.1.3
OS: Linux
URL: 
Submission from: (NULL) (198.144.204.44)


Hi,

When I use ldapsearch to chase a referral, and have the search base set to the
referral object (i.e., the object on the original server which contains the
"ref" attribute), the URL that I get back as the "ref" attribute has it's own
search base set to the search base I specified (i.e., the referral object). If I
chase the referral, this causes infinite recursion and won't return any results
and will stall. 

Now if I set the search base to something other than the referral object, it
works fine.

The reason why I set the search base to the referral object's DN is because the
referral points to the same server but to some other location in the tree. I
want to avoid searching down the true path, and only want to search down the
path to the referral object. Let's say I have a large LDAP directory. To speed
up queries, I want to limit the search base to as fine grain as possible. One
instance I would want to do this is if I'm using nss_ldap and want user accounts
to be stored in multiple organizationalUnits, and not just one (such as the
defauld ou=People,<basedn>).

Tomas Maly