[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: (ITS#6540) test022-ppolicy is flawed, masks serious stability issue
- To: openldap-its@OpenLDAP.org
- Subject: Re: (ITS#6540) test022-ppolicy is flawed, masks serious stability issue
- From: ryans@aweber.com
- Date: Tue, 4 May 2010 15:17:29 GMT
- Auto-submitted: auto-generated (OpenLDAP-ITS)
After patching, and using the same configuration as I had when the chain overlay was causing issues with slapcat and
restarting slapd, I now get prompted with a referral instead of it being automatically chased. However, it does
automatically fill in the DN and password to rebind with:
root@somehost:~# ldapvi -h localhost --bind=simple -D cn=admin,dc=example,dc=com -w `cat /etc/ldap.secret` --discover
159 entries read
add: 0, rename: 0, modify: 1, delete: 0
Action? [yYqQvVebB*rsf+?] y
Received referral to ldap://ldapmaster.example.com/uid=ryans,ou=Users,dc=example,dc=com.
You are not logged in to ldap://ldapmaster.example.com:389 yet.
Type '!' or 'y' to do so.
Rebind? [y!nB*qQ?] y
--- Login
Type M-h for help on key bindings.
Filter or DN: cn=admin,dc=example,dc=com
Password: ***********
Bound as cn=admin,dc=example,dc=com.
Done.
Before, I never got prompted with this message when using ldapvi, which makes me think that chaining is no longer
working. For reference, I am using the same configuration as is documented in test022-ppolicy:
dn: cn=module{0},cn=config
objectClass: olcModuleList
cn: module{0}
olcModulePath: /usr/lib/ldap
olcModuleLoad: {0}back_hdb.la
olcModuleLoad: {1}autogroup.la
olcModuleLoad: {2}syncprov.la
olcModuleLoad: {3}back_ldap.la
dn: olcOverlay={0}chain,olcDatabase={-1}frontend,cn=config
objectClass: olcOverlayConfig
objectClass: olcChainConfig
olcOverlay: {0}chain
dn: olcDatabase={0}ldap,olcOverlay={0}chain,olcDatabase={-1}frontend,cn=config
objectClass: olcLDAPConfig
objectClass: olcChainDatabase
olcDatabase: {0}ldap
olcDbURI: ldap://ldapmaster.example.com
olcDbIDAssertBind: bindmethod=simple binddn="cn=admin,dc=example,dc=com" credentials=SECRET mode=self
I am still looking in to what might be causing this to fail.