Le 20/01/16 19:24, Radovan Semancik a écrit : > Hi, > > I done more Active Directory tests with the latest API trunk. There > are two things you should know: > > 1. LDAP over SSL with AD fails when getting big things (such as AD > schema). It ends up in an endless loop. It is obviously a Mina bug and > I have sent the path to mina dev mailing list. However it might be a > good idea to coordinate with the mina project and switch the API to > the fixed mina version. I believe that this bug may appear in any > LDAPS connection and it is really nasty to diagnose (endless loop, no > relevant error, no log message).
MINA will be fixed and released asap. Thanks for having chased to origine of the pb... Now, would the submitted patch fix the issue ? > > 2. Active directory supports insane DN formats such as > <GUID=ae36bced-d6dd-cb41-a7e9-ef4f9bd59f0d>. Yes, this is passes ad > DN. Yes, really like that, including the angle brackets. However > unbelievable it might be, this kind of DN is in fact required to get > some attributes (e.g. msds-memberOfTransitive) as these only appear in > scope=base searches. And this seems to be the only efficient way how > to get scope=base search when all you know is object GUID. Of course, > the API complained about the format and failed to process it. So I > have committed a patch that tolerates these insane formats when > relaxed mode is set. yuk :/ We should probably think about cutting a release soon, then. I have also injected some changes before taking some vacations, and I was actually thinking about cutting a 1.0.0-RC1 release, instead of another milstone. Thoughts ?
