[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: help with "referral missing" error

Hi Matt
gessing: this is the config of a secondary LDAP host, who's updates are coming from a primary host wia slurp? 'cause I see the updatedn parameter in your slapd.conf.

usually, a secondary LDAP host returns a referral to the primary host (attribute updateref, which is missing in your slapd.conf and which is the missing referral), once you go and try to do changes in the secondary host.

1.  define the updateref attribute in this slapd.conf
2.  go directly into the primary LDAP host for the changes.


Matt Richard wrote:


Perhaps someone can help me resolve a problem with our LDAP database. I'm running OpenLDAP 2.1.22 with bdb 4.1.25 on on Mac OSX 10.2.6 Server (December dev-tools).

I can use the roodn to make changes, but if I try to use a user account, I cannot make changes to my own record - I get a "LDAP: Error 53 - referral missing" error from my client (LDAPBrowser).

According to my (temporary) ACL's, I should be able to change all the attributes in my user record.

I'm wondering if I'm missing something here... can anyone help shed some light on this for me?



Here is my slapd.conf: (comments removed for brevity)

include             /usr/local/etc/openldap/schema/core.schema
include         /usr/local/etc/openldap/schema/cosine.schema
include         /usr/local/etc/openldap/schema/nis.schema
include         /usr/local/etc/openldap/schema/inetorgperson.schema
include         /usr/local/etc/openldap/schema/misc.schema
include         /etc/openldap/schema/netinfo.schema
include         /usr/local/etc/openldap/schema/apple.schema
include         /usr/local/etc/openldap/schema/fandmedu.schema
include         /usr/local/etc/openldap/schema/eduperson.schema
include         /usr/local/etc/openldap/schema/openradius.schema
allows          bind_v2
schemacheck     off
pidfile        /var/run/slapd.pid
argsfile    /var/run/slapd.args
sizelimit 50

database    bdb
directory    /usr/local/var/openldap-data
access to attr=userPassword
        by self write
        by anonymous auth
        by * none
access to *
        by self write
        by * read
index   uid                     pres,eq,approx,sub
index   cn                      pres,eq,approx,sub
index   sn                      pres,eq,approx,sub
index   uidNumber               eq
index   gidNumber               eq
index   memberUid               eq
index   objectClass             pres,eq
suffix        ""
updatedn    .removed.
rootdn        .removed.
rootpw        .removed.

Here is the output from when I run 'slapd -d65535':

dnPrettyNormal: <uid=mrichard, cn=users, dc=fandm,dc=edu>

=> ldap_bv2dn(uid=mrichard, cn=users, dc=fandm,dc=edu,0)
<= ldap_bv2dn(uid=mrichard, cn=users, dc=fandm,dc=edu,0)=0
=> ldap_dn2bv(272)
<= ldap_dn2bv(uid=mrichard,cn=users,dc=fandm,dc=edu,272)=0
=> ldap_dn2bv(272)
<= ldap_dn2bv(uid=mrichard,cn=users,dc=fandm,dc=edu,272)=0
<<< dnPrettyNormal: <uid=mrichard,cn=users,dc=fandm,dc=edu>, <uid=mrichard,cn=users,dc=fandm,dc=edu>
replace: apple-user-homequota
one value, length 9
replace: userPassword
one value, length 20
replace: homePostalAddress
one value, length 44
conn=0 op=5 MOD dn="uid=mrichard, cn=users, dc=fandm,dc=edu"
conn=0 op=5 MOD attr=apple-user-homequota userPassword homePostalAddress
=> bdb_dn2id_matched( "uid=mrichard,cn=users,dc=fandm,dc=edu" )
====> bdb_cache_find_entry_dn2id("uid=mrichard,cn=users,dc=fandm,dc=edu"): 397 (1 tries)
====> bdb_cache_find_entry_id( 397 ) "uid=mrichard,cn=users,dc=fandm,dc=edu" (found) (1 tries)
====> bdb_cache_return_entry_r( 397 ): returned (0)
send_ldap_result: conn=0 op=5 p=3
send_ldap_result: err=53 matched="" text="referral missing"
send_ldap_response: msgid=6 tag=103 err=53
ber_flush: 30 bytes to sd 11
0000: 30 1c 02 01 06 67 17 0a 01 35 04 00 04 10 72 65 0....g...5....re
0010: 66 65 72 72 61 6c 20 6d 69 73 73 69 6e 67 ferral missing
ldap_write: want=30, written=30
0000: 30 1c 02 01 06 67 17 0a 01 35 04 00 04 10 72 65 0....g...5....re
0010: 66 65 72 72 61 6c 20 6d 69 73 73 69 6e 67 ferral missing
conn=0 op=5 RESULT tag=103 err=53 text=referral missing
daemon: select: listen=6 active_threads=0 tvp=NULL
daemon: select: listen=7 active_threads=0 tvp=NULL