And updated the source so that it prints out warnings
if they cannot be enabled.
We should probably just remove these two options. There are
always benefits to leaving them on. There are no real benefits
to turning them off
options {
#
# The following two configuration items are for Active Directory
- # compatibility. If you see the helpful "operations error"
- # being returned to the LDAP module, uncomment the next
- # two lines.
+ # compatibility. If you set these to "no", then searches
+ # will likely return "operations error", instead of a
+ # useful resuly.
#
-# chase_referrals = yes
-# rebind = yes
+ chase_referrals = yes
+ rebind = yes
# seconds to wait for LDAP query to finish. default: 20
timeout = 10
do_ldap_option(LDAP_OPT_REFERRALS, "chase_referrals",
LDAP_OPT_ON);
-#if LDAP_SET_REBIND_PROC_ARGS == 3
if (inst->rebind == 1) {
+#if LDAP_SET_REBIND_PROC_ARGS == 3
ldap_set_rebind_proc(handle, ldap_rebind, inst);
- }
+#else
+ DEBUGW("The flag 'rebind = yes' is not supported by the system LDAP library. Ignoring.");
#endif
+ }
} else {
do_ldap_option(LDAP_OPT_REFERRALS, "chase_referrals",
LDAP_OPT_OFF);
projects / freeradius.git / commitdiff