On 4/13/2023 10:36 AM, Quanah
Gibson-Mount wrote:
--On Thursday, April 13, 2023 6:33 PM +0000 Jordan Brown
<openldap@jordan.maileater.net> wrote:
I'm already dumping that. But it is not
very detailed. I believe
that's what ldapsearch is dumping; here's some sample output in
various
error cases:
Those are the result codes that are provided to the client per
RFC. Feel free to write a new RFC expanding on the result codes.
OpenLDAP could have additional non-RFC features that would allow you
to retrieve more error information.
There are dozens of OpenLDAP-specific options. An OpenLDAP-specific
option could retrieve additional error information.
There could be a variation on LDAP_OPT_CONNECT_CB - for discussion,
call it LDAP_OPT_ERROR_CB - that calls back with error information
on any failing connection. (That would be more right than a "get
error" option, because it would work when there's more than one
server specified.)
So the first question is "does OpenLDAP have such a thing?". It
sounds like the answer is "no".
In that case, please consider this to be a request for such a
feature. Diagnosing LDAP client connection problems is a
significant cost; anything that we can do to make it easier would be
worthwhile. I would be happy to participate in the design and
implementation of such a feature.
--
Jordan Brown, Oracle ZFS Storage Appliance, Oracle Solaris