
Re: [phpqladmin] phpqladmin 2.x series with openldap 2.1.x series



Turbo Fredriksson wrote:

What I do is connect to host:port, check base for 'supportedLDAPVersion' and if the LDAP server doesn't support v3 binds, I set protocol to v2 THEN I bind to the server...

You shouldn't rely on reading attribute 'supportedLDAPVersion' from RootDSE since it might be subject to access control or you get a weird pseudo-referral back from an LDAPv2 server.


Instead, a better approach is to just try an LDAPv3 bind (or the first operation if your application logic allows you to handle the fall-back). If that fails with LDAP_PROTOCOL_ERROR you MUST drop the connection and open a new LDAP connection binding with LDAPv2.

This discussion would be most appropriate for a general LDAP mailing list like ldap@umich.edu.

Ciao, Michael.
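
The fall-back described in the message above, sketched as an added example that is not part of the original message or of phpQLAdmin. `FakeConn`, `BindError` and `bind_with_fallback` are hypothetical names, and `FakeConn` is a constructed stand-in for a real LDAP client connection so the logic runs without a server.

```python
# Added example: LDAPv3-first bind, falling back to LDAPv2 on a NEW connection.
LDAP_SUCCESS = 0
LDAP_PROTOCOL_ERROR = 2         # protocolError result code
LDAP_INVALID_CREDENTIALS = 49   # invalidCredentials result code


class BindError(Exception):
    def __init__(self, code):
        super().__init__(f"bind failed, result code {code}")
        self.code = code


class FakeConn:
    """Constructed test double: one connection to a server that accepts
    only the protocol versions listed in `supported`."""
    opened = 0  # connections opened so far, to make the reconnect visible

    def __init__(self, supported, password):
        FakeConn.opened += 1
        self.supported, self.password, self.closed = supported, password, False

    def bind(self, version, dn, password):
        if self.closed:
            raise RuntimeError("bind on a closed connection")
        if version not in self.supported:
            return LDAP_PROTOCOL_ERROR
        return LDAP_SUCCESS if password == self.password else LDAP_INVALID_CREDENTIALS

    def close(self):
        self.closed = True


def bind_with_fallback(connect, dn, password):
    """Try a v3 bind first; only on protocolError retry with v2.
    `connect` opens a fresh connection. Returns (connection, version)."""
    for version in (3, 2):
        conn = connect()
        code = conn.bind(version, dn, password)
        if code == LDAP_SUCCESS:
            return conn, version
        conn.close()  # drop this connection; the v2 retry uses a new one
        if code != LDAP_PROTOCOL_ERROR or version == 2:
            # Any other failure (e.g. wrong password) is reported as-is
            # and does not trigger a protocol downgrade.
            raise BindError(code)
```

Only the protocol error triggers the retry, so a rejected password against a v3 server surfaces immediately instead of being retried over LDAPv2.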