[Date Prev][Date Next] [Chronological] [Thread] [Top]

(ITS#4158) RE_23: SASL Binds don't always work

To: openldap-its@OpenLDAP.org
Subject: (ITS#4158) RE_23: SASL Binds don't always work
From: quanah@stanford.edu
Date: Mon, 7 Nov 2005 18:40:34 GMT

Full_Name: Quanah Gibson-Mount
Version: REL ENG 2-3
OS: Solaris 8
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (171.64.19.82)


Today the following error came in on my one production RE_23 box of 11/4/2005:

ldap0:/var/tmp/replica# more ldap9.stanford.edu:389.rej
ERROR: Strong(er) authentication required: modifications require authentication
replica: ldap9.stanford.edu:389
time: 1131385590.0


The server reports the following for the connection:

grep conn=16663 /var/log/ldap | more
Nov  7 09:46:33 ldap9.Stanford.EDU slapd[9764]: [ID 848112 local4.debug]
conn=16663 fd=117 ACCEPT from IP=171.67.16.20:53249 (IP=0.0.0.0:389)
Nov  7 09:46:33 ldap9.Stanford.EDU slapd[9764]: [ID 215403 local4.debug]
conn=16663 op=0 BIND
dn="cn=replicator,cn=service,cn=applications,dc=stanford,dc=edu
" method=163
Nov  7 09:46:33 ldap9.Stanford.EDU slapd[9764]: [ID 588225 local4.debug]
conn=16663 op=0 RESULT tag=97 err=14 text=
Nov  7 09:46:33 ldap9.Stanford.EDU slapd[9764]: [ID 215403 local4.debug]
conn=16663 op=1 BIND
dn="cn=replicator,cn=service,cn=applications,dc=stanford,dc=edu
" method=163
Nov  7 09:46:33 ldap9.Stanford.EDU slapd[9764]: [ID 588225 local4.debug]
conn=16663 op=1 RESULT tag=97 err=14 text=
Nov  7 09:46:33 ldap9.Stanford.EDU slapd[9764]: [ID 215403 local4.debug]
conn=16663 op=2 BIND
dn="cn=replicator,cn=service,cn=applications,dc=stanford,dc=edu
" method=163
Nov  7 09:46:33 ldap9.Stanford.EDU slapd[9764]: [ID 538062 local4.debug]
conn=16663 op=2 BIND authcid="service/ldap@stanford.edu"
authzid="service/ldap@stanf
ord.edu"
Nov  7 09:46:33 ldap9.Stanford.EDU slapd[9764]: [ID 588225 local4.debug]
conn=16663 op=2 RESULT tag=97 err=0 text=
Nov  7 09:46:33 ldap9.Stanford.EDU slapd[9764]: [ID 249368 local4.debug]
conn=16663 op=3 MOD dn="uid=XXXXXX,cn=Accounts,dc=Stanford,dc=edu"
Nov  7 09:46:33 ldap9.Stanford.EDU slapd[9764]: [ID 396994 local4.debug]
conn=16663 op=3 MOD attr=suAutoreplyMsg suAutoreplyForward suAutoreplyStatus
suAutor
eplySubj objectClass suIdentifies seeAlso owner suMailDrop suService entryCSN
modifiersName modifyTimestamp
Nov  7 09:46:33 ldap9.Stanford.EDU slapd[9764]: [ID 588225 local4.debug]
conn=16663 op=3 RESULT tag=103 err=8 text=modifications require authentication
Nov  7 09:46:33 ldap9.Stanford.EDU slapd[9764]: [ID 690767 local4.debug]
conn=16663 op=2 BIND
dn="cn=replicator,cn=service,cn=applications,dc=stanford,dc=edu
" mech=GSSAPI ssf=56
Nov  7 09:47:06 ldap9.Stanford.EDU slapd[9764]: [ID 485650 local4.debug]
conn=16663 fd=117 closed (idletimeout)


So the question is -- Why did the SASL bind not complete correctly?

--Quanah

Prev by Date: (ITS#4159) RE_23: Slapd core dumps due to some memory related issue
Next by Date: Re: (ITS#4116) Schema attributeType SYNTAX declaration
Index(es):
- Chronological
- Thread