Project

General

Profile

Actions
Copy link

Feature #2294

closed

add ldap referrals support

Added by MDF over 13 years ago. Updated 4 months ago.

Status:
Fixed
Priority:
Normal
Category:
mod_auth
Target version:
-
ASK QUESTIONS IN Forums:
No

Description

For AD ldap_search_s has failed with Operation error. For resolve this problem need set LDAP_OPT_REFERRALS to off.

May be this case need set by config? I don't know.

Files

Download all files
ldap.patch (613 Bytes) ldap.patch MDF, 2011-02-03 15:58
mod_auth.patch (947 Bytes) mod_auth.patch dridri, 2011-04-06 13:28

Related issues 2 (0 open2 closed)

Related to Bug #2846: LDAP authentication vs. AD: problems with referrals Fixed2017-12-07Actions
Related to Bug #2464: patch for intermittent ldap failuresFixed2012-12-19Actions
Actions
Copy link
 #1

Updated by kace about 13 years ago

Has anyone verified this patch yet? I would like to give it a try, but I'm not really in a testing environment. Thanks.

Actions
Copy link
 #2

Updated by dridri about 13 years ago

it didn't worked for me, no idea why exactly.
The issue i observed was that ldap_search_s was chasing referrals by binding anonymously (and my AD server doesn't allow it)

If it's any help: i used ldap_set_rebind_proc to force openldap to re-bind with ldap_simple_bind_s (and the correct binddn/bindpw), for thoses interested, i attached the patch i did even if i'm unsure it is bugless.

Actions
Copy link
 #3

Updated by stbuehler almost 13 years ago

  • Subject changed from ldap auth failed for Active Directory to add ldap referrals support
  • Target version changed from 1.4.29 to 1.4.x
Actions
Copy link
 #4

Updated by gstrauss about 8 years ago

  • Status changed from Patch Pending to Need Feedback

There are two patches here. Is there anyone else who can confirm that one or both of these patches work?

The second patch, using ldap_set_rebind_proc() appears to be the better idea.

The first patch, to disable LDAP_OPT_REFERRALS might not be needed if ldap_set_rebind_proc() solution works. If it doesn't, then disabling LDAP_OPT_REFERRALS should be a config option.

Either way, this ticket needs some feedback from people actively using lighttpd with LDAP to make sure we get this right. Please post if either of these patches work for you. Thanks.

Actions
Copy link
 #5

Updated by gstrauss about 8 years ago

  • Tracker changed from Bug to Feature

Changing to feature request. Still requires feedback.

Tangentially related ticket https://redmine.lighttpd.net/issues/2464 "patch for intermittent ldap failures" might reduce the occurrence of the errors here, too.

Actions
Copy link
 #6

Updated by gstrauss almost 8 years ago

  • Status changed from Need Feedback to Missing Feedback
Actions
Copy link
 #7

Updated by stbuehler almost 8 years ago

  • Target version deleted (1.4.x)
Actions
Copy link
 #8

Updated by gstrauss over 6 years ago

  • Related to Bug #2846: LDAP authentication vs. AD: problems with referrals added
Actions
Copy link
 #9

Updated by gstrauss 4 months ago

  • Status changed from Missing Feedback to Fixed
  • ASK QUESTIONS IN Forums set to No

Fixed in lighttpd 1.4.49 in #2846

Actions
Copy link
 #10

Updated by gstrauss 4 months ago

  • Related to Bug #2464: patch for intermittent ldap failures added
Actions
Copy link

Also available in: Atom