#25921 [Opn]: Unable to handle Active Directory referals (W2k3)

Mon, 20 Oct 2003 04:40:55 -0700 

 ID:               25921
 User updated by:  bugs dot php dot net at phrenetic dot to
 Reported By:      bugs dot php dot net at phrenetic dot to
 Status:           Open
 Bug Type:         LDAP related
 Operating System: RedHat 7.1
 PHP Version:      4.3.3
 New Comment:

I forgot to supply LDAP client library version:

LDAP Support    enabled
RCS Version     $Id: ldap.c,v 1.130.2.4 2003/04/30 21:54:02 iliaa Exp $
Total Links     0/unlimited
API Version     2004
Vendor Name     OpenLDAP
Vendor Version  20123


Previous Comments:
------------------------------------------------------------------------

[2003-10-20 07:34:34] bugs dot php dot net at phrenetic dot to

Description:
------------
Recently at my site they started to upgrade some directory servers and
suddenly stuff started to break. All of them PHP'ish. All LDAP searches
broke with "Operations Error". Doing the same queries with ldapsearch
(openldap commandline tool) everything looked fine except that I could
imagine something going on with the result as I got 'ref:
ldap://foo.bar.com/ou=foo,o=bar' back in the chunk coming from the
server.

I found a 2-year old workaround for it here: (Surprisingly works
flawless.)
http://groups.google.se/groups?q=LDAP_OPT_REFERRALS+%2Bfollow+referrals&hl=en&lr=&ie=UTF-8&oe=UTF-8&safe=off&selm=20011226190121.22738.qmail%40php2.chek.com&rnum=1



Reproduce code:
---------------
        foreach($ldaphosts as $ldaphost)
        {
                if( !$fail && !$success) 
{
                        if( $connect = @ldap_connect($ldaphost) )
                        {
                                if( $bind =
@ldap_bind($connect,$ldapbinddn,$lda
pbindpasswd) )
                                {
                                        $filter =
"($ldapuserattr=$username)";
                                        $search =
@ldap_search($connect
, $ldapbasedn, $filter, array('cn'));
                                        $info =
@ldap_get_entries($connect, $sea
rch);
                                        if($info[0]['dn'])
                                        {
                                                if(ldap_bind($connect,
$info[0][
'dn'], $password) )
                                                {
                                                        $success = 1;
                                                } else {

                                                        $fail = 1;
                                                }
                                        } else {

                                                $fail = 1;
                                        }
                                }
                        }

                        ldap_unbind($connect);
                }
        }


Expected result:
----------------
ldap_search() to return an ldap search resource to pass on to
ldap_get_entries

Actual result:
--------------
ldap_search(): Search: Operations error


------------------------------------------------------------------------


-- 
Edit this bug report at http://bugs.php.net/?id=25921&edit=1

Reply via email to