[prev in list] [next in list] [prev in thread] [next in thread] 

List:       freeradius-devel
Subject:    Re: GIT Log for 2009-04-02 23:33 GMT
From:       Alan DeKok <aland () deployingradius ! com>
Date:       2009-04-03 11:13:24
Message-ID: 49D5EF54.1010604 () deployingradius ! com
[Download RAW message or body]

Arran Cudbard-Bell wrote:
> Does the OpenLDAP library explicitly support chase_referrals, or is
> there code already in rlm_ldap to do this ? In the past when i've had
> to use wrappers around OpenLDAP, you always had to specify a callback
> function that OpenLDAP called whenever it hit a referal.

  The documentation says that "chase referrals" is the default.
However, the callback is required if you want the referral to use the
same credentials as the original bind.  Because it just wouldn't make
sense for it to use the *same* credentials.

  Active Directory gets excited over this.  If you get a referral to the
same machine, it works.  If you get a referral to a different machine,
OpenLDAP binds anonymously, and therefore doesn't have the correct
permissions to do the search.

  Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/devel.html
[prev in list] [next in list] [prev in thread] [next in thread] 

Configure | About | News | Add a list | Sponsored by KoreLogic