From 275e607acb0215e1fdbe5b6ba68eb75226b1354d Mon Sep 17 00:00:00 2001
From: Sumit Bose <sbose@redhat.com>
Date: Thu, 4 Feb 2010 20:07:09 +0100
Subject: [PATCH 2/2] Document when LDAP referral chasing is available

---
 server/man/sssd-ldap.5.xml          |    5 +++++
 server/providers/ldap/ldap_common.c |   12 ++++++++++++
 2 files changed, 17 insertions(+), 0 deletions(-)

diff --git a/server/man/sssd-ldap.5.xml b/server/man/sssd-ldap.5.xml
index 2737c24..18af37b 100644
--- a/server/man/sssd-ldap.5.xml
+++ b/server/man/sssd-ldap.5.xml
@@ -622,6 +622,11 @@
                             be enabled.
                         </para>
                         <para>
+                            Please note that sssd only supports referral chasing
+                            when it is compiled with OpenLDAP version 2.4.12 or
+                            higher.
+                        </para>
+                        <para>
                             Default: true
                         </para>
                     </listitem>
diff --git a/server/providers/ldap/ldap_common.c b/server/providers/ldap/ldap_common.c
index 15d44dc..bd4294f 100644
--- a/server/providers/ldap/ldap_common.c
+++ b/server/providers/ldap/ldap_common.c
@@ -217,6 +217,18 @@ int ldap_get_options(TALLOC_CTX *memctx,
         goto done;
     }
 
+
+#ifndef HAVE_LDAP_CONNCB
+    bool ldap_referrals;
+
+    ldap_referrals = dp_opt_get_bool(opts->basic, SDAP_REFERRALS);
+    if (ldap_referrals) {
+        DEBUG(1, ("LDAP referrals are not supported, because the LDAP library "
+                  "is too old, see sssd-ldap(5) for details.\n"));
+        ret = dp_opt_set_bool(opts->basic, SDAP_REFERRALS, false);
+    }
+#endif
+
     /* schema type */
     schema = dp_opt_get_string(opts->basic, SDAP_SCHEMA);
     if (strcasecmp(schema, "rfc2307") == 0) {
-- 
1.6.6