Bug 9919 - Feature request: LDAP fast bind control (1.2.840.113556.1.4.1781) is not supported
Summary: Feature request: LDAP fast bind control (1.2.840.113556.1.4.1781) is not supp...
Status: NEW
Alias: None
Product: Samba 4.0
Classification: Unclassified
Component: AD: LDB/DSDB/SAMDB (show other bugs)
Version: unspecified
Hardware: All All
: P5 enhancement (vote)
Target Milestone: ---
Assignee: Andrew Bartlett
QA Contact: Samba QA Contact
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2013-05-31 11:28 UTC by LiuYan
Modified: 2013-06-08 19:53 UTC (History)
0 users

See Also:

Attachments
fast bind test client, in Java (8.87 KB, text/x-java)
2013-05-31 11:28 UTC, LiuYan 		no flags Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description LiuYan 2013-05-31 11:28:24 UTC 
Created attachment 8935 [details]
fast bind test client, in Java

When testing LDAP authentication against samba4 using fast bind connection
control, I got the following java exception
----------------------------------------
javax.naming.NamingException: [LDAP: error code 1 - Operations Error]
----------------------------------------

and got error message from samba
----------------------------------------
ldapsrv_do_call: Critical extension 1.2.840.113556.1.4.1781 is not known to
this server
----------------------------------------

Our mail system using fast bind control for authentication, so, currently i can't migrate authentication from windows server to samba4.

How to test
===========

1. compile
Put the attachment in to 'org/samba/test/ldap' directory, compile:

javac org/samba/test/ldap/FastBindTest.java

2. test
Run the java test
- if authentication failed, it will output exception and "Authentication failed"
- if authentication ok, it will only output "Authentication OK"

2.1. test against samba4 server

java org.samba.test.ldap.FastBindTest /url ldap://SAMBA4-SERVER-NAME-OR-ADDRESS:389 /u administrator@SAMBA4_DOMAIN.com /p ***
javax.naming.NamingException: [LDAP: error code 1 - Operations Error]
        at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3127)
        at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:3033)
        at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2835)
        at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2749)
        at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:316)
        at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:193)
        at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:211)
        at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:154)
        at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:84)
        at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:684)
        at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:307)
        at javax.naming.InitialContext.init(InitialContext.java:242)
        at javax.naming.ldap.InitialLdapContext.<init>(InitialLdapContext.java:153)
        at org.samba.test.ldap.FastBindTest.Authenticate(FastBindTest.java:91)
        at org.samba.test.ldap.FastBindTest.Authenticate_FastBind(FastBindTest.java:115)
        at org.samba.test.ldap.FastBindTest.main(FastBindTest.java:503)
Authentication failed

2.2. test against windows server

$ java org.samba.test.ldap.FastBindTest /url ldap://WIN-SERVER-NAME-OR-ADDRESS:389 /u administrator@WINDOWS_DOMAIN.com /p ***
Authentication OK
Comment 1 Matthias Dieter Wallnöfer 2013-06-08 19:53:37 UTC 
This is rather a feature request.