diff options
Diffstat (limited to 'source3/lib/smbldap.c')
-rw-r--r-- | source3/lib/smbldap.c | 20 |
1 files changed, 17 insertions, 3 deletions
diff --git a/source3/lib/smbldap.c b/source3/lib/smbldap.c index c96801a72b..7287e3d998 100644 --- a/source3/lib/smbldap.c +++ b/source3/lib/smbldap.c @@ -721,9 +721,18 @@ int smb_ldap_setup_conn(LDAP **ldap_struct, const char *uri) rc = ldap_initialize(ldap_struct, uri); if (rc) { DEBUG(0, ("ldap_initialize: %s\n", ldap_err2string(rc))); + return rc; } - return rc; + if (lp_ldap_ref_follow() != Auto) { + rc = ldap_set_option(*ldap_struct, LDAP_OPT_REFERRALS, + lp_ldap_ref_follow() ? LDAP_OPT_ON : LDAP_OPT_OFF); + if (rc != LDAP_SUCCESS) + DEBUG(0, ("Failed to set LDAP_OPT_REFERRALS: %s\n", + ldap_err2string(rc))); + } + + return LDAP_SUCCESS; #else /* Parse the string manually */ @@ -774,7 +783,6 @@ int smb_ldap_setup_conn(LDAP **ldap_struct, const char *uri) } #endif /* HAVE_LDAP_INITIALIZE */ - /* now set connection timeout */ #ifdef LDAP_X_OPT_CONNECT_TIMEOUT /* Netscape */ { @@ -1046,12 +1054,18 @@ static int smbldap_connect_system(struct smbldap_state *ldap_state, LDAP * ldap_ int version; if (!ldap_state->anonymous && !ldap_state->bind_dn) { + char *bind_dn = NULL; + char *bind_secret = NULL; /* get the default dn and password only if they are not set already */ - if (!fetch_ldap_pw(&ldap_state->bind_dn, &ldap_state->bind_secret)) { + if (!fetch_ldap_pw(&bind_dn, &bind_secret)) { DEBUG(0, ("ldap_connect_system: Failed to retrieve password from secrets.tdb\n")); return LDAP_INVALID_CREDENTIALS; } + smbldap_set_creds(ldap_state, false, bind_dn, bind_secret); + SAFE_FREE(bind_dn); + memset(bind_secret, '\0', strlen(bind_secret)); + SAFE_FREE(bind_secret); } /* removed the sasl_bind_s "EXTERNAL" stuff, as my testsuite |