[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: rebinding and following referrals on bind

Arthur de Jong wrote:

Hello list,

Is there a way to follow a referral on bind?

I'm trying to get the PAM module in nss-pam-ldapd to follow referrals
while binding. Background is available here [1].

If ldapserver1 refers a subtree to another server (server2) searches for
a user are correctly continued on server2 (using ldap_set_rebind_proc())
but when I try to call ldap_simple_bind_s() on the connection that just
returned the user from server2 I get "Invalid credentials".

Is there a way to find out which LDAP server returned a specific entry
or is there some other way to solve this?

Just turn off automatic referral chasing and chase them manually. Then you'll know which server you're dealing with.

Thanks for any pointes.

[1] http://lists.arthurdejong.org/nss-pam-ldapd-users/2010/msg00097.html

  -- Howard Chu
  CTO, Symas Corp.           http://www.symas.com
  Director, Highland Sun     http://highlandsun.com/hyc/
  Chief Architect, OpenLDAP  http://www.openldap.org/project/