Author: Phil Chambers Date: To: exim-users Subject: [Exim] use of ldap_init
I am not an LDAP expert, so I may need to be corrected here. If so, my apologies.
It may also be a difference between versions of LDAP (I have openldap2).
I have only looked at the SEARCH_LDAP_AUTH case, but expect the same problem in all
cases . As far as I can see control_ldap_search() in ldap.c will only work along the
list of ldap servers if ldap_init() fails. If ldap_bind() fails then that results
in a hard failure. The man page for ldap_init() says it does not make a connection,
so the connection is made by the call to ldap_bind(). I have checked some code
outside of exim and find that ldap_init() still retuns OK even when given the name
of a server which does not run ldap. It looks to me as if one needs to check the
return code from ldap_bind() for LDAP_UNAVAILABLE and treat that as DEFER.
ldap_open() does return a failure, but the man page says that is deprecated in
favour of ldap_init().
Phil.
---------------------------------------
Phil Chambers (postmaster@???)
University of Exeter