On 2/1/12 10:55 AM, masarati@aero.polimi.it wrote: >> I have built and upgraded one of my openldap servers from 2.4.26 to 2.4.28 >> (on RHEL release >> 5.7 x86_64) and with the identical configuration to my other servers, I am >> seeing the following >> messages in the slapd.log file: >> >> slapd[4434]: conn=115331 fd=263 ACCEPT from IP=X.X.X.X:51856 >> (IP=0.0.0.0:389) >> slapd[4434]: conn=115331 op=0 do_extended: protocol version (2) too low >> slapd[4434]: conn=115331 op=0 DISCONNECT tag=120 err=2 text=requires >> LDAPv3 >> slapd[4434]: conn=115331 fd=263 closed (operations error) >> >> I'm not seeing anything leaping out at me from the change log for >> 2.4.27/2.4.28 that indicates >> what I have gotten wrong that worked until now. >> >> As I said, I am running the same slapd.conf file on my 2.4.26 >> installations and not seeing >> these failures there at all (and since I use an F5 load balancer, these >> connections are sprayed >> all across my pool of servers). >> >> Where should I start looking? > "do_extended" means an extended operation is being requested with protocol > version set to LDAPv2, and LDAPv2 has no notion of extended operations. > Can you track what operation is being requested? With guidance about how to, I can certainly do my best to. I can use tcpdump to gather all traffic between the client and this server on port 389 - but, I'm not going to be able to understand what I'm catching. Is there a more preferred method of capturing this? > p. -- Frank Swasey | http://www.uvm.edu/~fcs Sr Systems Administrator | Always remember: You are UNIQUE, University of Vermont | just like everyone else. "I am not young enough to know everything." - Oscar Wilde (1854-1900)
Attachment:
signature.asc
Description: OpenPGP digital signature