Dear Technical of openLDAP,
I use OpenLDAP development on the Mac platform, run into the following 2 questions, find a lot of information, still not resolved.
Could you help me, Thank you.
1. Referrals error,
Code flow:
ld = ldap_init(host, port);
rc = ldap_set_option(ld, LDAP_OPT_PROTOCOL_VERSION, &version);
rc = ldap_set_option(ld, LDAP_OPT_REFERRALS, LDAP_OPT_ON);
rc = ldap_set_rebind_proc(ld, bind_prompt, NULL);
rc = ldap_set_option(ld, LDAP_OPT_SIZELIMIT,&sizelimit);
rc = ldap_simple_bind_s(ld, adminDN, adminPwd);
rc = ldap_search_s(ld, findDN, LDAP_SCOPE_ONELEVEL, [filter UTF8String], attrs, 0, &result);
CallBack function:
static int bind_prompt(LDAP *ld,LDAP_CONST char *url,ber_tag_t request, ber_int_t msgid, void *params)
{
static char *dnsuffix;
static char dn[256],password[256];
int authmethod;
NSLog(@"rebind for request=%ld,msgid=%ld,url=%s\n",request,(long)msgid,url);
authmethod = LDAP_AUTH_SIMPLE;
NSLog(@"re-bind dn?");
strcat(dn, dnsuffix);
if (authmethod == LDAP_AUTH_SIMPLE && dn[0] != '\0')
{
NSLog(@"re-bind password?");
}
else
{
password[0] = '\0';
}
return ldap_bind_s(ld, dn, password, authmethod);
}
Description of the problem:ldap_search_s() return value is 10, which is LDAP_REFERRAL,an it did not call the function “bind_prompt()”.
2. Kerberos error,
Code flow:
ld = ldap_init(host, port);
rc = ldap_set_option(ld, LDAP_OPT_PROTOCOL_VERSION, &version);
rc = ldap_set_option(ld, LDAP_OPT_REFERRALS, LDAP_OPT_OFF);
rc = ldap_set_option(ld, LDAP_OPT_SIZELIMIT,&sizelimit);
rc = ldap_set_rebind_proc(ld, bind_prompt, NULL);
rc = ldap_bind_s(ld, adminDN, adminPwd, LDAP_AUTH_KRBV4);
Description of the problem:LDAP_AUTH_KRBV4,LDAP_AUTH_KRBV41,LDAP_AUTH_KRBV42,ldap_bind_s return value is -6, which is LDAP_AUTH_UNKNOWN.
Windows Client with the same configuration connected to openLDAP server successfully.
Does my code or interface call for errors.
Regards!
Aimee He
Confidential Information:This message is sent to the intended recipient and may contain privileged or confidential information. If you received this transmission in error, please notify the sender with a replying e-mail and delete the message and any
attachment.Transmission Caveat and Virus Alert: Internet communications cannot be guaranteed to be timely, secure, error or virus-free. The sender does not accept liability for any errors or omissions.