|
|
@@ -1808,7 +1808,8 @@ bind_and_check_pwp(Repl_Connection *conn, char * binddn, char *password)
|
|
|
}
|
|
|
|
|
|
/* Attempt to bind as a user to AD in order to see if we posess the
|
|
|
- * most current password. Returns the LDAP return code of the bind. */
|
|
|
+ * most current password. Returns 0 if the bind was successful,
|
|
|
+ * non-zero otherwise. */
|
|
|
int
|
|
|
windows_check_user_password(Repl_Connection *conn, Slapi_DN *sdn, char *password)
|
|
|
{
|
|
|
@@ -1816,6 +1817,7 @@ windows_check_user_password(Repl_Connection *conn, Slapi_DN *sdn, char *password
|
|
|
LDAPMessage *res = NULL;
|
|
|
int rc = 0;
|
|
|
int msgid = 0;
|
|
|
+ int parse_rc = 0;
|
|
|
|
|
|
/* If we're already connected, this will just return success */
|
|
|
windows_conn_connect(conn);
|
|
|
@@ -1839,8 +1841,19 @@ windows_check_user_password(Repl_Connection *conn, Slapi_DN *sdn, char *password
|
|
|
"Error: timeout reading "
|
|
|
"bind response for [%s]\n",
|
|
|
binddn ? binddn : "(anon)");
|
|
|
+ rc = -1;
|
|
|
+ } else {
|
|
|
+ parse_rc = ldap_parse_result( conn->ld, res, &rc, NULL, NULL, NULL, NULL, 1 /* Free res */);
|
|
|
+ if (parse_rc != LDAP_SUCCESS) {
|
|
|
+ slapi_log_error(SLAPI_LOG_FATAL, repl_plugin_name,
|
|
|
+ "Error: unable to parse "
|
|
|
+ "bind result for [%s]: "
|
|
|
+ "error %d\n",
|
|
|
+ binddn ? binddn : "(anon)",
|
|
|
+ parse_rc);
|
|
|
+ rc = -1;
|
|
|
+ }
|
|
|
}
|
|
|
- ldap_parse_result( conn->ld, res, &rc, NULL, NULL, NULL, NULL, 1 /* Free res */);
|
|
|
|
|
|
/* rebind as the DN specified in the sync agreement */
|
|
|
bind_and_check_pwp(conn, conn->binddn, conn->plain);
|
Nathan Kinder