I noticed that with OpenLDAP 2.2.x, auth_ldap from Apache on Windows fails. The actual error ends up being an invalid size limit on the OpenLDAP end of things. After doing some research, it looks like the Microsoft SDK defaults the sizelimit to (2^32)-1 (4294967295 or basically an unsigned 32-bit int). OpenLDAP 2.2.x restricts the sizelimit to (2^(32-1)) -1 (2147483647 or a signed 32-bit int).

I have no idea how to report this to Microsoft, as it's the Microsoft SDK that's out of spec. RFC 2251 (http://www.ietf.org/rfc/rfc2251.txt) declares the max of a size limit to be the OpenLDAP value.

As far as I can tell, none of the other ldap servers care and openldap 2.1.x didn't care either, but unfortunately, 2.2.x does care.

Anyone else run into this problem and have any ideas or know how to report this to MS? I was thinking of filing an Apache bug/enhancement requesting that Apache be able to pass a size limit to the LDAP query. In theory, you could override this MS SDK problem by explicitly setting the size limit to a proper value, or patch OpenLDAP to ignore it.

Thanks,
Andy
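
The two size limits from the message above, encoded as BER INTEGERs and range-checked against the RFC 2251 maxInt, as an added example that is not part of the original post and is not code from OpenLDAP, Apache or the Microsoft SDK. The function names `ber_encode_uint` and `check_sizelimit` are hypothetical, and rejecting an out-of-range value is an assumed server policy that mirrors the behaviour the post describes.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

#define LDAP_MAXINT 2147483647LL /* maxInt in RFC 2251: (2^31)-1 */

/* Encode a non-negative value as a BER INTEGER (tag 0x02, short-form length).
 * out must hold at least 11 bytes; returns the number of bytes written. */
size_t ber_encode_uint(uint64_t v, unsigned char *out)
{
    unsigned char content[9];
    size_t n = 0, i;
    do { content[n++] = (unsigned char)(v & 0xff); v >>= 8; } while (v != 0);
    if (content[n - 1] & 0x80)
        content[n++] = 0x00; /* pad so the top bit is not read as a sign */
    out[0] = 0x02;
    out[1] = (unsigned char)n;
    for (i = 0; i < n; i++)
        out[2 + i] = content[n - 1 - i]; /* big-endian on the wire */
    return n + 2;
}

/* Decode a BER INTEGER and range-check it as a sizeLimit.
 * Returns 0 if acceptable, -1 if malformed, -2 if outside 0..maxInt. */
int check_sizelimit(const unsigned char *in, size_t len, int64_t *value)
{
    uint64_t acc;
    size_t n, i;
    if (len < 3 || in[0] != 0x02) return -1;
    n = in[1];
    if (n == 0 || n > 8 || n + 2 != len) return -1;
    acc = (in[2] & 0x80) ? ~(uint64_t)0 : 0; /* sign-extend */
    for (i = 0; i < n; i++) acc = (acc << 8) | in[2 + i];
    *value = (int64_t)acc;
    return (*value < 0 || *value > LDAP_MAXINT) ? -2 : 0;
}

int main(void)
{
    const uint64_t limits[] = { 4294967295ULL, 2147483647ULL }; /* values from the post */
    unsigned char buf[11];
    int64_t v;
    size_t i, j, len;
    for (i = 0; i < 2; i++) {
        len = ber_encode_uint(limits[i], buf);
        for (j = 0; j < len; j++) printf("%02x ", buf[j]);
        printf("-> %s\n", check_sizelimit(buf, len, &v) == 0 ? "accepted" : "rejected");
    }
    return 0;
}
```

The unsigned default needs five content octets (a leading 0x00 followed by four 0xff bytes), so it cannot be held in a signed 32-bit integer, while 2147483647 fits in four.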
