[Date Prev][Date Next] [Chronological] [Thread] [Top]

(ITS#5971) Debug mode "fixes" authentication issue



Full_Name: Neil Garratt
Version: 2.4.14
OS: Centos 5.2
URL: 
Submission from: (NULL) (196.35.158.180)


I'm testing OpenLDAP 2.4.14 on Centos 5.2, used as a reverse proxy to AD. When
slapd is run with debugging disabled (or set to 0), search requests throw the
following error:

DSID-0C090627: In order to perform this operation a successful bind must be
completed on the connection.

When run with any other debug value, it returns the results correctly. In both
cases, the logs show a successful bind with the acl-bind user, the search finds
the correct result, and acl's show access granted to read. The only difference
is what is returned.

If I hammer the requests through, I do occasionally get the correct answer when
using -d 0, and I also occasionally get the error with -d 1.

http://www.nu.co.za/slapd/slapd.conf
http://www.nu.co.za/slapd/d0-ldapsearch.txt
http://www.nu.co.za/slapd/d0-slapdlog.txt
http://www.nu.co.za/slapd/d1-ldapsearch.txt
http://www.nu.co.za/slapd/d1-slapdlog.txt

The d0 files are from slapd started with -d 0 (failing)
The d1 files are from slapd started with -d 1 (working)