Dear Technical of openLDAP,

 

  I use OpenLDAP development on the Mac platform, run into the following 2 questions, find a lot of information, still not resolved.

  Could you help me, Thank you.

 

1.        Referrals error,

Code flow:

ld = ldap_init(host, port);

rc = ldap_set_option(ld, LDAP_OPT_PROTOCOL_VERSION, &version);

rc = ldap_set_option(ld, LDAP_OPT_REFERRALS, LDAP_OPT_ON);

rc = ldap_set_rebind_proc(ld, bind_prompt, NULL);

rc = ldap_set_option(ld, LDAP_OPT_SIZELIMIT,&sizelimit);

rc = ldap_simple_bind_s(ld, adminDN, adminPwd);

rc = ldap_search_s(ld, findDN, LDAP_SCOPE_ONELEVEL, [filter UTF8String], attrs, 0, &result);

 

CallBack function

static int bind_prompt(LDAP *ld,LDAP_CONST char *url,ber_tag_t request, ber_int_t msgid, void *params)

{

    static char *dnsuffix;

    static char dn[256],password[256];

    int authmethod;

    NSLog(@"rebind for request=%ld,msgid=%ld,url=%s\n",request,(long)msgid,url);

    authmethod = LDAP_AUTH_SIMPLE;

    NSLog(@"re-bind dn?");

    strcat(dn, dnsuffix);

    if (authmethod == LDAP_AUTH_SIMPLE && dn[0] != '\0')

    {

           NSLog(@"re-bind password?");

    }

    else

    {

           password[0] = '\0';

    }

    return ldap_bind_s(ld, dn, password, authmethod);

}

 

Description of the problem:ldap_search_s() return value is 10, which is LDAP_REFERRAL,an it did not call the function “bind_prompt().

 

2.        Kerberos error,

Code flow

ld = ldap_init(host, port);

rc = ldap_set_option(ld, LDAP_OPT_PROTOCOL_VERSION, &version);

rc = ldap_set_option(ld, LDAP_OPT_REFERRALS, LDAP_OPT_OFF);

rc = ldap_set_option(ld, LDAP_OPT_SIZELIMIT,&sizelimit);

rc = ldap_set_rebind_proc(ld, bind_prompt, NULL);

rc = ldap_bind_s(ld, adminDN, adminPwd, LDAP_AUTH_KRBV4);

 

Description of the problem:LDAP_AUTH_KRBV4,LDAP_AUTH_KRBV41,LDAP_AUTH_KRBV42,ldap_bind_s return value is -6, which is LDAP_AUTH_UNKNOWN.

 

Windows Client with the same configuration connected to openLDAP server successfully.

Does my code or interface call for errors.

 

 

Regards!

Aimee He

Tel:15658

 


Confidential Information:This message is sent to the intended recipient and may contain privileged or confidential information. If you received this transmission in error, please notify the sender with a replying e-mail and delete the message and any attachment.Transmission Caveat and Virus Alert: Internet communications cannot be guaranteed to be timely, secure, error or virus-free. The sender does not accept liability for any errors or omissions.