Menu
▾
▴
Re: Referral LDAP URL and slash after hostport
|
From: Konstantin C. <Kon...@da...> - 2001-07-12 09:56:07
|
Hi Michael and All, Michael Ströder wrote: > When using (patched) python-ldap with OpenLDAP 2.0.x libs and I'm > trying to access > ldap://ldap.surfnet.nl/c=BE > I get back the referral LDAP URL > ldap://tor.dante.org.uk:1389??base > > That's almost ok. But the slash after hostport is missing. Is that > intentional? IMHO it should be > ldap://tor.dante.org.uk:1389/??base > I had a talk with the ldap.surfnet.nl manager, Henny Bekker. There seems to be a bug in their directory server. Henny told me they put the correct data for referrals, but they get changed in LDAP responces. I wasn't entirely convinced in the fact, until you got the same results... Anyway, they are going to migrate from their old server. They are considering OpenLDAPv2. And here goes a question to the core OpenLDAP developers: At a national level, there is a need to build an LDAP server containing lots (hundreds) of referrals to organisation LDAP servers. We consider such a server for browsing purposes (one-level search) only. Now, if a client sends a one level search request, it will get lots (hundreds) of referrals. It can choke on them easily. The idea is to keep cached entries along with ref entries. What is needed here is the ability to switch the request to DSA IT control mode automatically for every one-level request, even if the client hasn't asked about it. The patch for it is quite easy. The question is: would it be possible to add this as a standard server's behaviour (switched by a configuration directive)? Regards, Konstantin. -- * * Konstantin Chuguev - Application Engineer * * Francis House, 112 Hills Road * Cambridge CB2 1PQ, United Kingdom D A N T E WWW: http://www.dante.net P.S. Michael, could you try ldap.nameflow.net (root NC) for your referral testing. |
