- if (search_type == SEARCH_LDAP_AUTH && rc == LDAP_INVALID_CREDENTIALS)
- {
- DEBUG(D_lookup)
- debug_printf("Invalid credentials: ldapauth returns FAIL\n");
- error_yield = FAIL;
- goto RETURN_ERROR_NOMSG;
- }
+ if ((rc = ldap_result( lcp->ld, msgid, 1, timeoutptr, &result )) <= 0)
+ {
+ *errmsg = string_sprintf("failed to bind the LDAP connection to server "
+ "%s%s - LDAP error: %s", host, porttext,
+ rc == -1 ? "result retrieval failed" : "timeout" );
+ result = NULL;
+ goto RETURN_ERROR;
+ }
+
+ rc = ldap_result2error( lcp->ld, result, 0 );
+
+ /* Invalid credentials when just checking credentials returns FAIL. This
+ stops any further servers being tried. */
+
+ if (search_type == SEARCH_LDAP_AUTH && rc == LDAP_INVALID_CREDENTIALS)
+ {
+ DEBUG(D_lookup)
+ debug_printf("Invalid credentials: ldapauth returns FAIL\n");
+ error_yield = FAIL;
+ goto RETURN_ERROR_NOMSG;
+ }