[Exim] LDAP to Active Directory returns unexpected code 115

Startseite
Nachricht löschen
Nachricht beantworten
Autor: Nathan Ollerenshaw
Datum:  
To: Exim users list
Alte Treads: Re: [Exim] OT: Problem with recipient verification to an exchange server
Betreff: [Exim] LDAP to Active Directory returns unexpected code 115
On Aug 18, 2004, at 7:52 PM, Nathan Ollerenshaw wrote:

> binding with user=CN=MailRelay,CN=Users,DC=w2k,DC=intra
> password=xxxxxxxx
> Start search
> ldap_result loop
> LDAP entry loop
> LDAP attr loop mail:nathan@???
> search ended by ldap_result yielding 115
> ldap_result returned unexpected code 115
> lookup deferred: ldap_result returned unexpected code 115


BTW, looking at the code, its this part thats getting upset:

/* A return code that isn't -1 doesn't necessarily mean there were no
problems
with the search. The message must be an LDAP_RES_SEARCH_RESULT or else
it's
something we can't handle. */

if (rc != LDAP_RES_SEARCH_RESULT)
{
*errmsg = string_sprintf("ldap_result returned unexpected code %d",
rc);
goto RETURN_ERROR;
}

I will make a wild hypothesis here that Exim is processing the entries
returned with no problems, but doesn't know what to do with the
'references', as can be seen with an ldapsearch:

# extended LDIF
#
# LDAPv3
# base <DC=w2k,DC=intra> with scope sub
# filter: (proxyAddresses=smtp:nathan@???)
# requesting: ALL
#

[lots of stuff]

# search reference
ref: ldap://moscow.w2k.intra/DC=moscow,DC=w2k,DC=intra

# search reference
ref: ldap://ruvc.w2k.intra/DC=ruvc,DC=w2k,DC=intra

# search reference
ref: ldap://w2k.intra/CN=Configuration,DC=w2k,DC=intra

# search result
search: 2
result: 0 Success

# numResponses: 5
# numEntries: 1
# numReferences: 3

I'd just like to ignore anything thats a reference, I think.

in ldap.h:

#define LDAP_RES_SEARCH_ENTRY   ((ber_tag_t) 0x64U)     /* application
+ constructed */
#define LDAP_RES_SEARCH_REFERENCE       ((ber_tag_t) 0x73U)     /* V3:
application + constructed */
#define LDAP_RES_SEARCH_RESULT  ((ber_tag_t) 0x65U)     /* application
+ constructed */


So, I think there needs to be another loop after the entry processing
loop that processes LDAP_RES_SEARCH_REFERENCEs by ignoring them. Or
maybe the 'correct' thing to do is to follow them. Ugh.

Nathan.

--
Nathan Ollerenshaw - UNIX Systems Engineer
ValueCommerce - http://www.valuecommerce.ne.jp/

"If we don't change direction soon, we'll end up where we're
going." - Professor Irwin Corey