[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: openldap 2.4.28 and "allow bind_v2"

To: "Francis Swasey" <Frank.Swasey@uvm.edu>
Subject: Re: openldap 2.4.28 and "allow bind_v2"
From: masarati@aero.polimi.it
Date: Wed, 1 Feb 2012 16:55:54 +0100 (CET)
Cc: openldap-technical@openldap.org
Importance: Normal
In-reply-to: <4F295C04.6010608@uvm.edu>
References: <4F295C04.6010608@uvm.edu>
User-agent: SquirrelMail/1.4.15

> I have built and upgraded one of my openldap servers from 2.4.26 to 2.4.28
>  (on RHEL release
> 5.7 x86_64) and with the identical configuration to my other servers, I am
> seeing the following
> messages in the slapd.log file:
>
> slapd[4434]: conn=115331 fd=263 ACCEPT from IP=X.X.X.X:51856
> (IP=0.0.0.0:389)
> slapd[4434]: conn=115331 op=0 do_extended: protocol version (2) too low
> slapd[4434]: conn=115331 op=0 DISCONNECT tag=120 err=2 text=requires
> LDAPv3
> slapd[4434]: conn=115331 fd=263 closed (operations error)
>
> I'm not seeing anything leaping out at me from the change log for
> 2.4.27/2.4.28 that indicates
> what I have gotten wrong that worked until now.
>
> As I said, I am running the same slapd.conf file on my 2.4.26
> installations and not seeing
> these failures there at all (and since I use an F5 load balancer, these
> connections are sprayed
> all across my pool of servers).
>
> Where should I start looking?

"do_extended" means an extended operation is being requested with protocol
version set to LDAPv2, and LDAPv2 has no notion of extended operations. 
Can you track what operation is being requested?

p.

Follow-Ups:
- Re: openldap 2.4.28 and "allow bind_v2"
  - From: Francis Swasey <Frank.Swasey@uvm.edu>

References:
- openldap 2.4.28 and "allow bind_v2"
  - From: Francis Swasey <Frank.Swasey@uvm.edu>

Prev by Date: openldap 2.4.28 and "allow bind_v2"
Next by Date: Re: openldap 2.4.28 and "allow bind_v2"
Index(es):
- Chronological
- Thread