cyril@coupel.net wrote:
Tanks for your answer. I tested by removing the %xxxx% from the URL and the tests are passed; but there is an error saying that there is no %xxx% token. I already open a case to the BIND team, but they reply this is not a bind problem. However, I will transmit this information to the BIND/DLZ team.
I have few more comments; see below.
Cyril COUPEL wrote:
I agree with this information. The fact is the ldapURL is not used as it, the key %zone% (or %client%) is replaced with the ns domain (the client name).
It was working well since I upgrade to 2.3.30-r2.
There is no OpenLDAP 2.3.30-r2; the current version is 2.3.34.
Also, you mentioned an error message "failed to parse ldap URL"; there's no such message in bind 9.3.4 code, nor in 9.4.0rc2. Also, there's no explicit ldap_url_parse() call, so the problem could only arise when performing an operation with that broken DN. However, I don't see how the error message could be raised by bind, since the URL is parsed by bind itself, without using the OpenLDAP API function, and the DN is only used as base for other operations, so OpenLDAP API cannot have any notion of that DN being part of an URL. Finally, bind itself, while parsing the URL, checks for badly encoded portions of the URL, and the corresponding error message is "LDAP sdb zone '%s': URL: bad hex values".
Could you point us to the __real__ version of OpenLDAP __and__ bind you pretend to be broken?
p.
Ing. Pierangelo Masarati OpenLDAP Core Team
SysNet s.n.c. Via Dossi, 8 - 27100 Pavia - ITALIA http://www.sys-net.it ------------------------------------------ Office: +39.02.23998309 Mobile: +39.333.4963172 Email: pierangelo.masarati@sys-net.it ------------------------------------------