Pierangelo
Pierangelo Masarati wrote: ..
Sounds like you're getting search references that the LDAP library tries to chase (anonymously, which is the default) and during that something times out. Since this seems not to be what you need, because the entry you're looking for is present, and you don't need to chase any referral, you should tell the library not to chase them, and simply return the entry you're looking for. To do that, you need to set LDAP_OPT_REFERRALS to LDAP_OPT_OFF using the ldap_set_option(3) call (don't get tricked by the trailing (3): such man page never existed, as far as I know ;). Example code may be found in ldapsearch code (actually, in clients/tools/common.c) and in the proxy backends of slapd in servers/slapd/back-ldap/bind.c.
Looks like your diagnostics were on the spot, I just added the 3-liner
if((err = ldap_set_option( ldapConn, LDAP_OPT_REFERRALS, LDAP_OPT_OFF )) != LDAP_OPT_SUCCESS ) { [TRLog debug: "Could not set LDAP_OPT_REFERRALS off\n"]; goto finish; }
in front of the search call and now the call returns immediately. As the rest of the plugin is not my code I will not modify the entire thing, as it appears now to work, at least in my test environment.
This may be one for the FAQ, but maybe it is just obvious :-(
Thanks a lot
Erich