[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: automatic referrals produce LDAP_NO_SUCH_OBJECT

Hi,

So, I've been exploring the referrals problems I described last week more. I've now tested on several versions of openldap (2.0.21, 2.0.25, 2.0.27), and on two separate machines. My conclusion: I'm confused. The referral still causes a NO_SUCH_OBJECT error whenever I have set LDAP_OPT_REFERRALS to on, but I'm pretty sure I'm doing thigs as they are supposed to work. Please, can anyone help describe what I'm doing wrong in the code included below from my last email? Thank you,

Matt

P.S. As I mentioned, the referral is resolved fine using "ldapsearch -C ...", just not from the c-api

Matt Jones wrote: 
Hi,

I'm having a problem with automatic referrals using the C-api but not the command line tools for openldap 2.0.27. Both client and server are running on Redhat 7.2.

If a referral is encountered, my c-program terminates with LDAP_NO_SUCH_OBJECT and fails to locate any entries. When the equivalent query is launched through ldapsearch with -C to chase referrals, it works fine, which I hope means that the ldap directory is configured correctly.

By experimenting with the code a bit, I've found that the query works if I turn off automatic referral chasing with a call like this:

/* Never follow referrals. */
if (ldap_set_option(ld,LDAP_OPT_REFERRALS,LDAP_OPT_OFF)!=LDAP_SUCCESS){
       ldap_perror( ld, "ldap_set_option" );
          return( 1 );
}

After doing that, I no longer get the "No such object" error, and instead get the expected "Partial results and referral". I could write the code to handle this manually by parsing the referrals and relaunching the query for each referral, but I don't really want to do that. I can't figure out why automatic referral chasing isn't working. And I can't seem to find this documented for openldap in any detail. Does anybody have any ideas about why this doesn't work for me, and how I might fix it?

I've included the program that I'm using to test with below if it helps, which comes straight from the docs with a few minor tweaks.

Thanks,
Matt

------ start program listing for test.c ---------------------
#include <stdio.h>
#include <ldap.h>

int main()
{

char *ldap_host = "dev.example.org";
int ldap_port = 389;
int err;
LDAP *ld;

LDAPMessage *result, *e;
char *dn;
char *my_searchbase = "dc=example,dc=org";
char *my_filter = "(uid=jones)";
char *get_attr[] = { "cn", "mail", NULL };

/* Init the ldap connection */
if ( ( ld = ldap_init( ldap_host, ldap_port ) ) == NULL ) {
       perror( "ldap_init" );
          return( 1 );
}

/* Never follow referrals. */
/*
if (ldap_set_option(ld,LDAP_OPT_REFERRALS,LDAP_OPT_OFF)!=LDAP_SUCCESS){
       ldap_perror( ld, "ldap_set_option" );
          return( 1 );
}
*/

/* Bind to the ldap server */
if ( ldap_simple_bind_s( ld, NULL, NULL ) != LDAP_SUCCESS ) {
       ldap_perror( ld, "ldap_simple_bind_s" );
          return( 1 );
}

/* Search the directory. */
err = ldap_search_s( ld, my_searchbase, LDAP_SCOPE_SUBTREE, my_filter,
get_attr, 0, &result ); if ( (err != LDAP_SUCCESS) && (err != LDAP_PARTIAL_RESULTS)) {
ldap_perror( ld, "ldap_search_s" );
return( 1 );
}

/* Check whether any results were found. */
if ( ldap_count_entries( ld, result ) == 0 ) {
       printf( "No matching results found.\n" );
          return( 0 );
}

/* Retrieve each entry from the search results. */
for ( e = ldap_first_entry( ld, result ); e != NULL;
                 e = ldap_next_entry( ld, e ) ) {

  /* code for getting data from the entries */
  if ( ( dn = ldap_get_dn( ld, e ) ) != NULL ) {
    printf( "dn: %s\n", dn );
    /* Free the memory used for the DN when done */
    ldap_memfree( dn );
  }

}
/* Free the result when done. */
ldap_msgfree( result );

/* Unbind */
if ( ldap_unbind( ld ) != LDAP_SUCCESS ) {
       ldap_perror( ld, "ldap_unbind" );
          return( 1 );
}

return( 0 );
}

------------------------- end program listing ------------------