[Freeipa-devel] [PATCH 0081] Skip referrals when converting LDAP result to LDAPEntry
Tomas Babej
tbabej at redhat.com
Fri Jul 26 10:23:52 UTC 2013
On Friday 26 of July 2013 12:16:42 Jan Cholasta wrote:
> On 26.7.2013 11:29, Tomas Babej wrote:
> > After some investigation I decided the correct approach here is to
> > scream at the debug level only, when referral is being ignored.
> >
> > We cannot guide ourselves by the ldap.OPT_REFFERALS option of the underlying
> > connection simply because even if referral chasing is turned on (and therefore
> > we should not get any referrals from python-ldap, since they should have been
> > resolved), queries for AD can return referrals (AD returns them often as a way to
> > provide additional information AFAIU). This can also happen if we are not able
> > to authenticate to the referred server, or resolve the LDAP uri.
> >
> > In case ignoring referrals ever breaks something, we can find the information
> > in the log at the debug level. Doing otherwise would be unnecessarily spamming
> > the log now.
> >
> > Updated patch attached.
>
> Nitpick: I would prefer a shorter message without unnecessary
> implementation details - something like "Ignoring referral entry {ref}".
> Also use str(original_attrs) as ref.
>
> Honza
>
> --
> Jan Cholasta
Agreed, fixed.
Tomas
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-tbabej-0081-3-Skip-referrals-when-converting-LDAP-result-to-LDAPEn.patch
Type: text/x-patch
Size: 1335 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20130726/d369526c/attachment.bin>
More information about the Freeipa-devel
mailing list