--- server/ldap.c
+++ server/ldap.c	2007/03/13 14:58:28
@@ -974,8 +974,8 @@ next_ldap_entry (struct parse *cfile)
     }
 
   while (ldap_stack != NULL && 
-         (ldap_stack->ldent == NULL ||
-          (ldap_stack->ldent = ldap_next_entry (ld, ldap_stack->ldent)) == NULL))
+         (ldap_stack->ldent == NULL || ( ldap_stack->processed &&
+          (ldap_stack->ldent = ldap_next_entry (ld, ldap_stack->ldent)) == NULL)))
     {
       if (ldap_stack->close_brace)
         {
@@ -1110,9 +1110,9 @@ ldap_generate_config_string (struct pars
 {
   char **objectClass, *dn;
   struct ldap_config_stack *entry;
-  LDAPMessage * ent, * res;
+  LDAPMessage *ent, *res, *entfirst, *resfirst;
   int i, j, ignore, found;
-  int ret;
+  int ret, parsedn = 1;
 
   if (ld == NULL)
     ldap_start ();
@@ -1124,6 +1124,7 @@ ldap_generate_config_string (struct pars
                                       "objectClass")) == NULL)
     return;
     
+  entry->processed = 1;
   ignore = 0;
   found = 1;
   for (i=0; objectClass[i] != NULL; i++)
@@ -1184,18 +1185,32 @@ ldap_generate_config_string (struct pars
                            LDAP_BUFFER_SIZE-1, NULL);
 
   dn = ldap_get_dn (ld, entry->ldent);
-
+  if (dn == NULL)
+    {
+      ldap_stop();
+      return;
+    }
 #if defined(DEBUG_LDAP)
-  if (dn != NULL)
-    log_info ("Found LDAP entry '%s'", dn);
+  else
+    {
+      log_info ("Found LDAP entry '%s'", dn);
+    }
 #endif
 
-  if (dn == NULL ||
-      (ret = ldap_search_s (ld, dn, LDAP_SCOPE_ONELEVEL, "objectClass=*", 
+  if ((ret = ldap_search_s (ld, dn, LDAP_SCOPE_ONELEVEL, "(!(|(|(objectClass=dhcpTSigKey)(objectClass=dhcpClass)) (objectClass=dhcpFailOverPeer)))",
                             NULL, 0, &res)) != LDAP_SUCCESS)
     {
-      if (dn)
-        ldap_memfree (dn);
+      ldap_memfree (dn);
+
+      ldap_stop();
+      return;
+    }
+
+  if ((ret = ldap_search_s (ld, dn, LDAP_SCOPE_ONELEVEL, "(|(|(objectClass=dhcpTSigKey)(objectClass=dhcpClass)) (objectClass=dhcpFailOverPeer))",
+                            NULL, 0, &resfirst)) != LDAP_SUCCESS)
+    {
+      ldap_memfree (dn);
+      ldap_msgfree (res);
 
       ldap_stop();
       return;
@@ -1203,17 +1218,32 @@ ldap_generate_config_string (struct pars
 
   ldap_memfree (dn);
 
-  if ((ent = ldap_first_entry (ld, res)) != NULL)
+  ent = ldap_first_entry(ld, res);
+  entfirst = ldap_first_entry(ld, resfirst);
+
+  if (ent == NULL && entfirst == NULL)
+    {
+      parse_external_dns (entry->ldent);
+      next_ldap_entry (cfile);
+    }
+
+  if (ent != NULL)
     {
       add_to_config_stack (res, ent);
       parse_external_dns (entry->ldent);
+      parsedn = 0;
     }
   else
+    ldap_msgfree (res);
+
+  if (entfirst != NULL)
     {
-      ldap_msgfree (res);
-      parse_external_dns (entry->ldent);
-      next_ldap_entry (cfile);
+      add_to_config_stack (resfirst, entfirst);
+      if(parsedn)
+        parse_external_dns (entry->ldent);
     }
+  else
+    ldap_msgfree (resfirst);
 }