[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: "control unavailable in context" error even while using back-bdb

On Thursday 23 June 2005 20:06, Prakash Velayutham wrote:
> Hi All,
> I am struggling to get a client machine to authenticate against an
> openldap server. Any help greatly appreciated.
> Server OS - SuSE 9.2 Pro
> OpenLDAP - openldap2-2.3.3beta-0.1 (using a binary rpm from SuSE mirror)
Note: OpenLDAP 2.3.4 packages are available at
(and the mirrors).

> This version of OL is supposed to support ppolicy schema and that is the
> main reason I am testing it. Here are some observations that I have
> made, please correct me if I am wrong.
You are correct.

> The default backend database is BDB. But if the checkpointing directive
> is enabled with BDB, slapd server segfaults (invariably). If I disable
> this directive, issue goes away.
This was a problem with the default slapd.conf in our packages. Just move the 
"checkpoint" line below the "suffix" line. OpenLDAP from current CVS already 
issues an error message about this:
/etc/openldap/slapd.conf: line 70: "checkpoint" must occur after "suffix"
This seems to be new in OpenLDAP 2.3. Fixed packages are on their way to the 
ftp server. 

> If I change the backend to LDBM (as 
> that is what I use in my current production OpenLDAP server), then there
> is no segfault issue, but looks like only back-bdb or back-hdb can
> handle pagedResultsControl, so I decided to stick with BDB.
> I can successfully do a "ldapsearch" to the server, but I can't
> authenticate against it. The following lines can be seen in the server's
> log.
More details about the request that caused this behaviour would be helpful. 
But first you should try again with 2.3.4 packages.

> Jun 20 11:54:57 huttonlinux slapd[15029]: conn=3 op=2 RESULT tag=97
> err=53 text=control unavailable in context
> A detailed log (-d 9) gives this:
> slap_global_control: unavailable control:
> (seems to be ppolicy related control)
> send_ldap_result: conn=16 op=2 p=3
> send_ldap_response: msgid=3 tag=97 err=53


Ralf Haferkamp
SUSE LINUX Products GmbH, Maxfeldstrasse 5, D-90409 Nuernberg
T: +49-911-74053-0
F: +49-911-74053575 - Ralf.Haferkamp@suse.com