[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: What's the magic to allowing version 2 binds?

To: Pierangelo Masarati <ando@sys-net.it>
Subject: Re: What's the magic to allowing version 2 binds?
From: hshaw@xytek.org
Date: Sun, 24 Nov 2002 23:23:59 -0800 (PST)
Cc: openldap-software@OpenLDAP.org
In-reply-to: <63690.81.72.89.40.1038207661.squirrel@webmail.sys-net.it>
Organization: Xytek, Industries

Yes.. thats a cut and paste from my slapd.conf file.
I'll check on that man page.. 

Terrelle

On 25-Nov-2002 Pierangelo Masarati wrote:
> 
>> Ok, I have installed openldap 2.1.8 running on a linux box at kernel
>> version 2.4.18 (slackware to be precise)
>> I'm running bdb:
>>
>> Nov 24 21:04:59 belgarath slapd[6129]: bdb_open: Sleepycat Software:
>> Berkeley DB 4.1.24: (September 13, 2002)
>> Nov 24 21:04:59 belgarath slapd[6129]: bdb_db_init: Initializing BDB
>> database  Nov 24 21:04:59 belgarath slapd[6129]: slapd starting
>>
>> Here is the relavent areas of my slapd.conf file:
>>
>> # Sample access control policy:
>>         allow bind_v2
> 
> Are you sure you added the above reported line to slapd.conf?
> 
>>         Allow read access of root DSE
>>         Allow self write access
>>         Allow authenticated users read access
>>         Allow anonymous users to authenticate
> 
> Did you really add the above reported lines to slapd.conf?
> 
>> # Directives needed to implement policy:
>> access to dn.base="" by * read
>> access to *
>>         by self write
>>         by users read
>>         by anonymous auth
>> #
>> # if no access controls are present, the default policy is:
>> #       Allow read by all
>> #
>> # rootdn can always write!
>>
>> I can connect just fine using GQ and LDAP browswer/editor v2.8.2 using
>> ldap v3. Using the Ldap browser/editor in ldap v2 mode and i can't
>> connect and get this in the logs (as well as other "ldap aware" clients
>> that are using ldap v2 protocal):
>>
>> Nov 24 21:05:11 belgarath slapd[6129]: daemon: conn=0 fd=10 connection
>> from IP=192.168.0.3:3621 (IP=0.0.0.0:389) accepted.
>> Nov 24 21:05:11 belgarath slapd[6129]: conn=0 op=0 BIND dn="" method=128
>>  Nov 24 21:05:11 belgarath slapd[6129]: conn=0 op=0 RESULT tag=97 err=2
>> text=requested protocol version not allowed
>> Nov 24 21:05:11 belgarath slapd[6129]: conn=0 fd=10 closed
> 
> Then, if your clients are SO hosed, all you can try is:
> read slapd.conf(5) )(the one that comes with 2.1.8, not
> earlier ones) and play with other "allow" directives.
> 
> Pierangelo.
> 
> -- 
> Pierangelo Masarati
> mailto:pierangelo.masarati@sys-net.it

----------------------------------
E-Mail: hshaw@xytek.org
Date: 24-Nov-2002
Time: 23:23:21

This message was sent by XFMail
----------------------------------

Follow-Ups:
- Re: What's the magic to allowing version 2 binds?
  - From: "Pierangelo Masarati" <ando@sys-net.it>

References:
- Re: What's the magic to allowing version 2 binds?
  - From: "Pierangelo Masarati" <ando@sys-net.it>

Prev by Date: Re: What's the magic to allowing version 2 binds?
Next by Date: Compile error - "cannot find -lpam"
Index(es):
- Chronological
- Thread