[email protected] wrote: > Full_Name: Matt Hamilton > Version: 2.4.36 > OS: Linux > URL: ftp://ftp.openldap.org/incoming/ > Submission from: (NULL) (213.133.64.253) > > > I am using the meta backend to query multiple LDAP (AD) backends. This is to > consolidate several directories in different departments into one. We attempt > both simple binds with username/password and also anon binds to look up user > information.
That doesn't make much sense, since AD disallows anonymous Binds. > At the moment, trying to do an authenticated simple bind to slapd caused an > Operational Error to be propagated to the client regardless of the setting of > 'onerr'. Even when a result is successfully found. This is due to one server > in > the backend succeeding and the other returning an operational error due to an > invalid bind (as would be expected as the credentials supplied from the client > will only work with one of the backends). > > Looking at servers/slapd/back-meta/search.c at around line 1903 it appears > that > the code is not checking for 'Operational Error' as a specific case above and > so > uses the default case (line 1665). Hence sres is set to 'Operational Error' > too > at line 1934. back-meta/search.c has nothing to do with Binds. Not sure what you're trying to demonstrate there. > > The server should be changing this to LDAP_SUCCESS somewhere in that logic > unless META_BACK_ONERR_REPORT. -- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/
