2:01 p.m.
Hi everyone,
I'm trying to work out why some sample code doesn't work against a
Centos 5 system (Centos being a RedHat Enterprise clone).
Client is Mac OS X 10.5, and server is Centos 5.3, OpenDLAP 2.3.43. The
sample code is from
http://docs.sun.com/source/816-5616-10/example.htm#13303.
(Am not using the Sun SDK, it was just a convenient place to find sample
code. If there are OpenLDAP sample code resources, a link is welcome.)
In particular the problem occurs at this piece of code:
/* Bind anonymously to the LDAP server. */
rc = ldap_simple_bind_s( ld, NULL, NULL );
if ( rc != LDAP_SUCCESS ) {
fprintf(stderr, "ldap_simple_bind_s: %s\n", ldap_err2string(rc));
return( 1 );
}
The resultant output is an error, namely;
'ldap_simple_bind_s: Protocol error'
In comparison, if I run the same code against a Gentoo Linux system that
also has OpenLDAP 2.3.43 the sample code works just fine.
If I do an ldapsearch from the Mac OS X client with the query
below, it succeeds.
ldapsearch -x -h remoteCentosldapsvr -b basedn
Can anyone suggest why the Centos 5 system is showing the protocol error?
Thanks
Regards
Stephen
3 p.m.
Stephen writes:
/* Bind anonymously to the LDAP server. */
rc = ldap_simple_bind_s( ld, NULL, NULL );
I think that still Binds with LDAP version 2, which the server
may be rejecting. Try to set LDAP version 3 first:
int protocol = LDAP_VERSION3;
ldap_set_option( NULL, LDAP_OPT_PROTOCOL_VERSION, &protocol );
if ( rc != LDAP_SUCCESS ) {
fprintf(stderr, "ldap_simple_bind_s: %s\n", ldap_err2string(rc));
return( 1 );
}
That only prints a textual representation fo the error code. It does
not print the diagnosticMessage which the server may have enclosed to
answer your question. Try ldap_perror(ld, "Bind failed");
ldap_perror is deprecated, but it's by far the simplest way. An
alternative is ldap_get_option( ld, LDAP_OPT_DIAGNOSTIC_MESSAGE, &msg );
followed by printing and ldap_memfree()ing the message. Or async Bind,
then print and free the messages from ldap_parse_result().
--
Hallvard
2:11 p.m.
Stephen writes:
> /* Bind anonymously to the LDAP server. */
> rc = ldap_simple_bind_s( ld, NULL, NULL );
>
I think that still Binds with LDAP version 2, which the server
may be rejecting. Try to set LDAP version 3 first:
int protocol = LDAP_VERSION3;
ldap_set_option( NULL, LDAP_OPT_PROTOCOL_VERSION, &protocol );
Yes, that was it.
> if ( rc != LDAP_SUCCESS ) {
> fprintf(stderr, "ldap_simple_bind_s: %s\n", ldap_err2string(rc));
> return( 1 );
> }
>
That only prints a textual representation fo the error code. It does
not print the diagnosticMessage which the server may have enclosed to
answer your question. Try ldap_perror(ld, "Bind failed");
Implementing this results in a very useful error message confirming your
guess...
Bind failed: Protocol error (2)
additional info: historical protocol version requested, use LDAPv3
instead
Thank you for your helpful reply
Regards
Stephen
5131
days inactive
5133
days old
openldap-technical@openldap.org
2 comments
2 participants
participants (2)
-
Hallvard B Furuseth -
Stephen