[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
(ITS#8706) illogical return from ldap_search_ext_s()
Full_Name: Kurt Heberlein
Version: 2.4.40+patches
OS: Debian Wheezy
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (66.168.54.228)
Using simple binding with TLS, i have a successfully bound (authenticated) user,
and using the same LDAP*, i experience intermittent failures attempting to
retrieve the user's memberOf list. The failure manifests itself as a return
from ldap_search_ext_s() with a return code of LDAP_SUCCESS but a NULL results
pointer.
Most of the time this call correctly returns the list of groups the user is a
member of, but intermittently it returns a NULL list even though the return code
is LDAP_SUCCESS. There is no other error indication. What am i missing?
The call looks like this:
ret = ldap_search_ext_s(lp, base, scope, filter, attrs, 0, NULL, NULL, NULL, -1,
&res);
if(ret != LDAP_SUCCESS) {
...
} else {
assert(res != NULL);
for(msg = ldap_first_message(lp, res); msg != NULL; msg =
ldap_next_message(lp, msg)) {
...
Where lp is the LDAP* pointer of for the successful bind of user
base = "DC=EMEA,DC=AD,DC=SOMECOMPANY,DC=COM"
scope = LDAP_SCOPE_SUBTREE
filter = "(&(objectClass=user)(sAMAccountName=someusername))"
attrs = attrs[0] = "memberOf"
attrs[0] = NULL
i dont find any documentation that indicates that res could be NULL after
LDAP_SUCCESS is returned from the search.
Thanks