8212 – slapd stops on consumer node

Issue 8212 - slapd stops on consumer node

Summary: slapd stops on consumer node

Status:	VERIFIED SUSPENDED

Alias:	None

Product:	OpenLDAP
Classification:	Unclassified
Component:	slapd (show other issues)
Version:	2.4.40
Hardware:	All All

Importance:	--- normal
Target Milestone:	---
Assignee:	OpenLDAP project

URL:
Keywords:

Depends on:
Blocks:

Reported:	2015-08-04 11:55 UTC by steen.brandtmar@ibapplications.com
Modified:	2020-03-21 18:23 UTC (History)
CC List:	0 users

See Also:	9126

Attachments
slapd.provider.conf.txt (4.56 KB, text/plain) 2015-08-05 07:28 UTC, steen.brandtmar@ibapplications.com	Details
slapd.consumer.conf.txt (4.62 KB, text/plain) 2015-08-05 07:28 UTC, steen.brandtmar@ibapplications.com	Details
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this issue.

Description steen.brandtmar@ibapplications.com 2015-08-04 11:55:27 UTC

Full_Name: Steen Brandtmar
Version: 2.4.40
OS: Linux Ubuntu 12.04
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (86.48.99.242)


Hi
We are running two servers in  mirrormode.
When we run ldappasswd on provider node all is OK and passwords are changed in
bdb. Logfile shows PASSMOD on relevant uid.
When we run the same ldappasswd command on consumer node, slapd stops abruptly
on this node and must be started manually.

Comment 1 Michael Ströder 2015-08-04 12:05:25 UTC

Steen.brandtmar@ibapplications.com wrote:
> We are running two servers in  mirrormode.
> When we run ldappasswd on provider node all is OK and passwords are changed in
> bdb. Logfile shows PASSMOD on relevant uid.
> When we run the same ldappasswd command on consumer node, slapd stops abruptly
> on this node and must be started manually.

Could you please retry with 2.4.41?

If it's still a problem with 2.4.41 a stripped down config for reproducing the
issue would be good.

Ciao, Michael.

Comment 2 steen.brandtmar@ibapplications.com 2015-08-05 07:28:44 UTC

Hi

I did an upgrade to 2.4.41 on the consumer node. Then restarted.
Consumer IP = 10.0.100.6
Provider IP=10.0.100.5

Then - on consumer - I executed this command:
/usr/local/bin/ldappasswd -x -D uid=xxxxxx,ou=People,dc=iba,dc=local -w oldpasswod -H ldap://10.0.100.6 -Z -s newpassword uid=xxxxxx,ou=People,dc=iba,dc=local
ldap_result: Can't contact LDAP server (-1)

And logfile writes:
Aug  4 16:33:40 mgmt1 slapd[17418]: conn=1141 fd=18 ACCEPT from IP=10.0.100.6:42621 (IP=0.0.0.0:389)
Aug  4 16:33:40 mgmt1 slapd[17418]: conn=1141 op=0 EXT oid=1.3.6.1.4.1.1466.20037
Aug  4 16:33:40 mgmt1 slapd[17418]: conn=1141 op=0 STARTTLS
Aug  4 16:33:40 mgmt1 slapd[17418]: conn=1141 op=0 RESULT oid= err=0 text=
Aug  4 16:33:40 mgmt1 slapd[17418]: conn=1141 fd=18 TLS established tls_ssf=128 ssf=128
Aug  4 16:33:40 mgmt1 slapd[17418]: conn=1141 op=1 BIND dn="uid=xxxxxx,ou=People,dc=iba,dc=local" method=128
Aug  4 16:33:40 mgmt1 slapd[17418]: conn=1141 op=1 BIND dn="uid=xxxxxx,ou=People,dc=iba,dc=local" mech=SIMPLE ssf=0
Aug  4 16:33:40 mgmt1 slapd[17418]: ppolicy_bind: Entry uid=xxxxxx,ou=People,dc=iba,dc=local has an expired password: 6 grace logins
Aug  4 16:33:41 mgmt1 slapd[17418]: conn=1141 op=1 RESULT tag=97 err=0 text=
Aug  4 16:33:41 mgmt1 slapd[17418]: conn=1141 op=2 EXT oid=1.3.6.1.4.1.4203.1.11.1
Aug  4 16:33:41 mgmt1 slapd[17418]: conn=1141 op=2 PASSMOD id="uid=xxxxxx,ou=People,dc=iba,dc=local" new

and slapd stops.

I've attached configs for consumer and provider.


Regards Steen


Steen Brandtmar
+45 2893 5392

Insurance Business Applications
Gammel Kongevej 1, 4. sal
1610 København, Danmark

   


-----Original Message-----
From: openldap-its@OpenLDAP.org [mailto:openldap-its@OpenLDAP.org] 
Sent: 4. august 2015 13:55
To: Steen Brandtmar <Steen.Brandtmar@ibapplications.com>
Subject: Re: (ITS#8212) slapd stops on consumer node


*** THIS IS AN AUTOMATICALLY GENERATED REPLY ***

Thanks for your report to the OpenLDAP Issue Tracking System.  Your report has been assigned the tracking number ITS#8212.

One of our support engineers will look at your report in due course.
Note that this may take some time because our support engineers are volunteers.  They only work on OpenLDAP when they have spare time.

If you need to provide additional information in regards to your issue report, you may do so by replying to this message.  Note that any mail sent to openldap-its@openldap.org with (ITS#8212) in the subject will automatically be attached to the issue report.

	mailto:openldap-its@openldap.org?subject=(ITS#8212)

You may follow the progress of this report by loading the following URL in a web browser:
    http://www.OpenLDAP.org/its/index.cgi?findid=8212

Please remember to retain your issue tracking number (ITS#8212) on any further messages you send to us regarding this report.  If you don't then you'll just waste our time and yours because we won't be able to properly track the report.

Please note that the Issue Tracking System is not intended to be used to seek help in the proper use of OpenLDAP Software.
Such requests will be closed.

OpenLDAP Software is user supported.
	http://www.OpenLDAP.org/support/

--------------
Copyright 1998-2007 The OpenLDAP Foundation, All Rights Reserved.

Comment 3 Ryan Tandy 2015-08-15 04:56:31 UTC

Hi,

I experimented with openldap 2.4.41 and the files you posted and did not 
experience any crashes.

Please try to reduce the example setup as far as possible, until you 
find that the crash disappears after you disable a particular directive.

Please also make sure you have the debugging symbols for slapd and 
libldap installed, and then try to provide a backtrace from gdb after 
triggering the crash, as well as the exact config files (and, if 
possible, relevant DIT contents, such as ppolicy configuration) that 
were in use at the time.

Thanks for your help,

Ryan

Comment 4 Quanah Gibson-Mount 2020-03-21 18:23:47 UTC

Likely bug#9126