Full_Name: Mustafa A. Hashmi Version: 2.3.30 OS: Debian Etch (4.0) URL: Submission from: (NULL) (202.5.145.13) When slapd is initialized to read configuration via cn=config (-F /path/to/slapd.d), configuration directives are read before modules are loaded. This can result in slapd exiting when a configuration option, provided by a specific module, is found before the module is loaded. As an example: the directive password-hash {K5KEY} results in slapd existing with the following message: olcPasswordHash: value #0: <olcPasswordHash> scheme not available ({K5KEY}) olcPasswordHash: value #0: <olcPasswordHash> no valid hashes found config error processing cn=config: <olcPasswordHash> no valid hashes found The smbk5pwd module is loaded at a later stage during the initialization process. Please note: If cn=config.ldif is edited and the option removed, slapd will start normally and allow the option to be added at runtime.
changed notes moved from Incoming to Software Bugs
See also discussion in thread <http://www.openldap.org/lists/openldap-software/200708/msg00063.html> Ing. Pierangelo Masarati OpenLDAP Core Team SysNet s.r.l. via Dossi, 8 - 27100 Pavia - ITALIA http://www.sys-net.it --------------------------------------- Office: +39 02 23998309 Mobile: +39 333 4963172 Email: pierangelo.masarati@sys-net.it ---------------------------------------
ando@sys-net.it wrote: > See also discussion in thread > <http://www.openldap.org/lists/openldap-software/200708/msg00063.html> The fix currently in CVS HEAD is to remove the olcPasswordHash attribute from the olcGlobal entry and move it to the frontendDB entry. -- -- Howard Chu Chief Architect, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/
changed notes changed state Open to Test
changed notes changed state Test to Release
changed notes
Howard Chu wrote: > ando@sys-net.it wrote: >> See also discussion in thread >> <http://www.openldap.org/lists/openldap-software/200708/msg00063.html> > > The fix currently in CVS HEAD is to remove the olcPasswordHash attribute from > the olcGlobal entry and move it to the frontendDB entry. For better backward compatibility, olcPasswordHash is allowed in both the olcGlobal entry and the frontendDB entry. The preferred location for this setting is now in the frontendDB entry. When generating a slapd.d from a slapd.conf file, only the frontendDB entry will carry the attribute. Existing slapd.d configs with the attribute in the global entry should continue to work but they should be manually updated to use only the frontendDB entry. This fix is now in RE23 as well as RE24. -- -- Howard Chu Chief Architect, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/
changed notes changed state Release to Closed
moved from Software Bugs to Archive.Software Bugs
back-config fix in HEAD/RE24/RE23