[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: back-ldap problem with Win2000 Active Directory
- To: Bertrand Croq <bcroq@virtual-net.fr>
- Subject: Re: back-ldap problem with Win2000 Active Directory
- From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
- Date: Tue, 24 Oct 2000 13:46:32 -0700
- Cc: openldap-devel@OpenLDAP.org
- In-reply-to: <39F440A5.7602FE87@virtual-net.fr>
- References: <008901c03ce8$108673a0$0c01a8c0@fiddle.symas.com>
From -bugs...
At 03:44 PM 10/23/00 +0200, Bertrand Croq wrote:
> I have tested the modifications and it looks good: the referal is
>still buggy but slapd doesn't crash... instead, the ldap client (I used
>ldapsearch) receives a search result with resultCode 52 telling that
>slapd cannot follow the referal "ldap://thehost.com??base";.
This is an invalid LDAP URL. The only character which may
follow the hostpart of the URL is "/".
And, IIRC, these were returned in an LDAPv2 partial results.
If so, they URL should contain the DN. This is because LDAPv2
search partial results need to be treated as search continuations.
With an explicit DN, the search should be chased using an empty
base DN.
> With this code, it will be easier to modify liblad/request.c: I
>already found the comments about using the url parser but it would have
>been hard to implement with slapd crashing everytime there would have
>been something wrong. I'll try to fix the referal problem and keep you
>informed (openldap-devel should be a better mailing-list for this kind
>of message).
Before modifying OpenLDAP client software, I think it important to
ensure that you have correctly configured server. Servers generally
just echo whatever they are configured with. In fact, servers
shouldn't muck with URL to be returned except as required by
the specifications (which are, of course, ''works in progress'').
Kurt