[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: LDAP proxy with back_ldap: (?=undefined)



Torsten Schlabach (Tascel eG) wrote:
Hi all!

I am trying to setup the simplest possible LDAP proxy with OpenLDAP.
Actually, I do have a machine with one interface on a public IP address and
the other one on the private network. So all I want is a pass-through of
any LDAP query 1:1 from the proxy which sits on the public IP to an LDAP
server which can be reached only through a private IP on our internal
network.

Here is my config:

database ldap
suffix  "o=top"
uri  "ldap://192.168.12.34/";

My problem is: The query sent to the backend server always contains a
(?=undefined) condition, which leads to no objects found.

In other words, the query I send to the proxy is for example:

(&(?objectClass=mailalias)(dc=xxxx.yy))

The back_ldap will send to the backend server:

(&(&(?objectClass=mailalias)(dc=xxxx.yy))(?=undefined))

Any idea?

Turn up debug on slapd and see what filter it actually received. Also, what version of OpenLDAP is this?

--
  -- Howard Chu
  CTO, Symas Corp.           http://www.symas.com
  Director, Highland Sun     http://highlandsun.com/hyc/
  Chief Architect, OpenLDAP  http://www.openldap.org/project/