[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: "control unavailable in context" error even while using back-bdb

To: openldap-software@OpenLDAP.org
Subject: Re: "control unavailable in context" error even while using back-bdb
From: Ralf Haferkamp <rhafer@suse.de>
Date: Fri, 24 Jun 2005 11:13:04 +0200
Content-disposition: inline
In-reply-to: <s2bac205.009@n6mcgw16.cchmc.org>
References: <s2bac205.009@n6mcgw16.cchmc.org>
User-agent: KMail/1.8

On Thursday 23 June 2005 20:06, Prakash Velayutham wrote:
> Hi All,
>
> I am struggling to get a client machine to authenticate against an
> openldap server. Any help greatly appreciated.
>
> Server OS - SuSE 9.2 Pro
> OpenLDAP - openldap2-2.3.3beta-0.1 (using a binary rpm from SuSE mirror)
Note: OpenLDAP 2.3.4 packages are available at
ftp://ftp.suse.com/pub/project/OpenLDAP/2.3/
(and the mirrors).

> This version of OL is supposed to support ppolicy schema and that is the
> main reason I am testing it. Here are some observations that I have
> made, please correct me if I am wrong.
You are correct.

> The default backend database is BDB. But if the checkpointing directive
> is enabled with BDB, slapd server segfaults (invariably). If I disable
> this directive, issue goes away.
This was a problem with the default slapd.conf in our packages. Just move the 
"checkpoint" line below the "suffix" line. OpenLDAP from current CVS already 
issues an error message about this:
/etc/openldap/slapd.conf: line 70: "checkpoint" must occur after "suffix"
This seems to be new in OpenLDAP 2.3. Fixed packages are on their way to the 
ftp server. 

> If I change the backend to LDBM (as 
> that is what I use in my current production OpenLDAP server), then there
> is no segfault issue, but looks like only back-bdb or back-hdb can
> handle pagedResultsControl, so I decided to stick with BDB.
>
> I can successfully do a "ldapsearch" to the server, but I can't
> authenticate against it. The following lines can be seen in the server's
> log.
More details about the request that caused this behaviour would be helpful. 
But first you should try again with 2.3.4 packages.

> Jun 20 11:54:57 huttonlinux slapd[15029]: conn=3 op=2 RESULT tag=97
> err=53 text=control unavailable in context
>
> A detailed log (-d 9) gives this:
>
> slap_global_control: unavailable control: 1.3.6.1.4.1.42.2.27.8.5.1
> (seems to be ppolicy related control)
> send_ldap_result: conn=16 op=2 p=3
> send_ldap_response: msgid=3 tag=97 err=53

[..]

-- 
Ralf Haferkamp
SUSE LINUX Products GmbH, Maxfeldstrasse 5, D-90409 Nuernberg
T: +49-911-74053-0
F: +49-911-74053575 - Ralf.Haferkamp@suse.com

References:
- "control unavailable in context" error even while using back-bdb
  - From: "Prakash Velayutham" <Prakash.Velayutham@cchmc.org>

Prev by Date: Bind problems when use userPassword in clear text.
Next by Date: Re: Failover Master setup
Index(es):
- Chronological
- Thread