On 29/9/03 9:11 pm, Diffenderfer, Randy <[EMAIL PROTECTED]> wrote: > Folks, > > Am looking for hints as to why this is going on. > > I have a script that verifies object replication to a bunch of slave ldap > servers. It does this by trying to do a bind with full DN and userPassword. > > The script gives different results between the master, a Critical Path 3.1.4 > version, and the slaves, all Critical Path 4.2 version. > > The program is... > > init new connection to ldap server > foreach ( DN/pwd pair ) > bind > analyze results > unbind > end > > On the master server, I can do this with DNs and good or bad passwords as > long as I care to. This is what I would expect. Good passwords result in a > good bind, bad passwords in no bind. > > On the slaves, I get an ldap return code of 1 for the next bind attempt > after the first successful bind. If I take out the unbind call, then things > work as expected. > > What the... ? > > Any suggestions? Obviously I can provide source code and traces if need be, > but, I thought I'd start with a simple abstract description.
Result code 1 is "operations error". I don't think that Net::LDAP::bind() will generate this error internally, but you should verify that it is coming from the server by increasing the debug logging in your script ($ldap->debug(12)). Can you see your unbinds going to the server as well? Do you wait for the unbind results before doing the next bind? On the other hand (if you don't want to debug this :-) you should just be able to keep sending bind ops on the same connection without unbinding, so simply omitting the unbind should be OK. Since some servers (though not Critical Path's, it would seem) treat an unbind as a request to close the TCP connection, your script will be more portable if you omit the unbind anyway. Cheers, Chris
