ID: 25921 Updated by: [EMAIL PROTECTED] -Summary: Unable to handle Active Directory referals (W2k3) -Reported By: bugs dot php dot net at phrenetic dot to +Reported By: corinl at gmx dot de Status: Open Bug Type: Documentation problem Operating System: RedHat 7.1 -PHP Version: 4.3.3 +PHP Version: 4.3.0 New Comment:
Besides the doc problem, it may also be a "real" bug. Following draft-ietf-ldapext-ldap-c-api-xx.txt: LDAP_OPT_REFERRALS (0x08) [..] By default, this option is ON. Is this option ON by default in PHP or not? Following this draft it should be, when not I consider this a bug. Maybe it is a good idea to add the default options set by PHP to ldap_set_option/ldap_get_option. Previous Comments: ------------------------------------------------------------------------ [2003-10-20 08:40:31] bugs dot php dot net at phrenetic dot to Then this is a documentation bug. http://se.php.net/manual/en/function.ldap-search.php and http://se.php.net/manual/en/function.ldap-connect.php doesn't say anything about this. ------------------------------------------------------------------------ [2003-10-20 08:13:26] [EMAIL PROTECTED] That's not workaround, that's how you're supposed to do it. ------------------------------------------------------------------------ [2003-10-20 07:41:37] bugs dot php dot net at phrenetic dot to I forgot to supply LDAP client library version: LDAP Support enabled RCS Version $Id: ldap.c,v 1.130.2.4 2003/04/30 21:54:02 iliaa Exp $ Total Links 0/unlimited API Version 2004 Vendor Name OpenLDAP Vendor Version 20123 ------------------------------------------------------------------------ [2003-10-20 07:34:34] corinl at gmx dot de Description: ------------ Recently at my site they started to upgrade some directory servers and suddenly stuff started to break. All of them PHP'ish. All LDAP searches broke with "Operations Error". Doing the same queries with ldapsearch (openldap commandline tool) everything looked fine except that I could imagine something going on with the result as I got 'ref: ldap://foo.bar.com/ou=foo,o=bar' back in the chunk coming from the server. I found a 2-year old workaround for it here: (Surprisingly works flawless.) http://groups.google.se/groups?q=LDAP_OPT_REFERRALS+%2Bfollow+referrals&hl=en&lr=&ie=UTF-8&oe=UTF-8&safe=off&selm=20011226190121.22738.qmail%40php2.chek.com&rnum=1 Reproduce code: --------------- foreach($ldaphosts as $ldaphost) { if( !$fail && !$success) { if( $connect = @ldap_connect($ldaphost) ) { if( $bind = @ldap_bind($connect,$ldapbinddn,$lda pbindpasswd) ) { $filter = "($ldapuserattr=$username)"; $search = @ldap_search($connect , $ldapbasedn, $filter, array('cn')); $info = @ldap_get_entries($connect, $sea rch); if($info[0]['dn']) { if(ldap_bind($connect, $info[0][ 'dn'], $password) ) { $success = 1; } else { $fail = 1; } } else { $fail = 1; } } } ldap_unbind($connect); } } Expected result: ---------------- ldap_search() to return an ldap search resource to pass on to ldap_get_entries Actual result: -------------- ldap_search(): Search: Operations error ------------------------------------------------------------------------ -- Edit this bug report at http://bugs.php.net/?id=25921&edit=1
