[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: chase referrals not working with ADS dc's (ITS#2504)

At 06:04 AM 5/12/2003, tobias.loecke@bertelsmann.de wrote:
>Full_Name: Tobias
>Version: 2.1.17
>OS: RedHat
>Submission from: (NULL) (
>Hello all-
>we have an ADS with multiple subdomains which I need to search in one single
>ldap search, but unfortunately chasing referrals seem not to work against ADS.

The LDIF below indicates that the problem that you are seeing is
with regards to search continuation (reference) handling, not
referral handling.

>Regarding to this posting, this issue should have been fixed but isn't

I don't see this post as describing the same problem.

>The LDAP search
>  ldapsearch -C -a always -s sub -h IP -b dc=2,dc=1 -x -D CN=user -w pw
>will not find anything in dc=3,dc=2,dc=1 (DNS resolution for 3.2.1. is working
>properly and only resolves to LDAP servers).

Well, I would suspect that you might run into problems using
domains where the TLD was all numeric.  A lot of software
will consider 3.2.1 to be an IPv4 address literal.  You
might try using a real TLD.

>You'll find the full output below. The search result for the referrals is


>but given the amount of time for the search the referrals are not
>chased. (Sorry, can't sniff at the moment, working on that....)

I suggest you use a debugger or a sniffer to determine that for
sure.  I certainly not going to assume a particular behavior
based solely on the amount of time taken.

>Any ideas whats wrong? We tried openldap 2.0.11 and now 2.1.17 as well, but had
>the very same result...

I don't see a clear indication of a openldap software bug.

>Thank you,
>The output looks like this:
>ldapsearch -C -a always -h <IP> -b dc=2,dc=1 -x -s sub -P 3 -D
>CN=userid,OU=x,OU=y,OU=z,DC=3,DC=2,DC=1 -w xyz mail=tobias*
># extended LDIF
># LDAPv3
># base <dc=2,dc=1> with scope sub
># filter: mail=tobias*
># requesting: ALL
># search reference
>ref: ldap://5.2.1/DC=5,DC=2,DC=1
># search reference
>ref: ldap://4.2.1/DC=4,DC=2,DC=1
># search reference
>ref: ldap://2.1/CN=Configuration,DC=2,DC=1
># search reference
>ref: ldap://3.2.1/DC=3,DC=2,DC=1
># search result
>search: 2
>result: 0 Success
># numResponses: 5
># numReferences: 4