michael@stroeder.com wrote:

I'd recommend not to mess around with the hostport portion of the LDAP URL. In opposite to Hallvard I'm not even sure whether a distinction is really needed when invoking ldap_initialize().

ok ...

The rfc 2255 defined the LDAP URL syntaxe as : scheme "://" [hostport] ["/" [dn etc... where host (rfc1738) must be a fully qualified domain name of a network host or IP address. (a fully qualified domain name cannot effectiely begin with a '.' ;-)

Therefore, transforming a fully qualified domain name in a IP adress remains to be a DNS job.

But, "My.domain.[:port]" is actually a fully qualified domain name and produce effectively one (at least) IP address of a network host when a SRV rr is defined and an authoritative answer can be obtained from a DNS.

Of course I admit it could be not very efficient to try systematically a SRV resolution on every domain name of a LDAP URLS chain ...

So I propose to add an extension (something like "forceSrvSearch") which will indicate that the library must perform a SRV request on this URL to find the IP address from the hostname (or hostport) parameter specified.

It'll be a bit more complex to patch up ... :( -- PE