Full_Name: Kurt Heberlein Version: 2.4.40+patches OS: Debian Wheezy URL: ftp://ftp.openldap.org/incoming/ Submission from: (NULL) (66.168.54.228) Using simple binding with TLS, i have a successfully bound (authenticated) user, and using the same LDAP*, i experience intermittent failures attempting to retrieve the user's memberOf list. The failure manifests itself as a return from ldap_search_ext_s() with a return code of LDAP_SUCCESS but a NULL results pointer. Most of the time this call correctly returns the list of groups the user is a member of, but intermittently it returns a NULL list even though the return code is LDAP_SUCCESS. There is no other error indication. What am i missing? The call looks like this: ret = ldap_search_ext_s(lp, base, scope, filter, attrs, 0, NULL, NULL, NULL, -1, &res); if(ret != LDAP_SUCCESS) { ... } else { assert(res != NULL); for(msg = ldap_first_message(lp, res); msg != NULL; msg = ldap_next_message(lp, msg)) { ... Where lp is the LDAP* pointer of for the successful bind of user base = "DC=EMEA,DC=AD,DC=SOMECOMPANY,DC=COM" scope = LDAP_SCOPE_SUBTREE filter = "(&(objectClass=user)(sAMAccountName=someusername))" attrs = attrs[0] = "memberOf" attrs[0] = NULL i dont find any documentation that indicates that res could be NULL after LDAP_SUCCESS is returned from the search. Thanks
kurt.w.heberlein@hpe.com wrote: > Full_Name: Kurt Heberlein > Version: 2.4.40+patches > OS: Debian Wheezy > URL: ftp://ftp.openldap.org/incoming/ > Submission from: (NULL) (66.168.54.228) > > > Using simple binding with TLS, i have a successfully bound (authenticated) user, > and using the same LDAP*, i experience intermittent failures attempting to > retrieve the user's memberOf list. The failure manifests itself as a return > from ldap_search_ext_s() with a return code of LDAP_SUCCESS but a NULL results > pointer. > > Most of the time this call correctly returns the list of groups the user is a > member of, but intermittently it returns a NULL list even though the return code > is LDAP_SUCCESS. There is no other error indication. What am i missing? Read RFC 4511. The ITS is for bug reports, not technical questions. There's no bug here. Closing this ITS. -- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/
invalid
changed notes changed state Open to Closed