[Date Prev][Date Next] [Chronological] [Thread] [Top]

Unable to authenticate with "secondary" uids, slapd 2.4.23, centos5.5

Hi all,

I have several LDAP trees and installs (2.4.23, centos 5.5, bdb) that utilize "secondary" uids as the sites are in the process of migrating user IDs.  In essence, allowing both "user" and "user.name" to authenticate as the same "user" account:

dn: uid=user,ou=people,dc=example,dc=com
uid: user
uid: user.name

This has all been working beautifully since inception with 2.4.21.  However, "something changed" either at the O/S level or slapd level to break this, and I'm at a loss as to what to look at next.  When doing an ldapsearch -D with the "secondary" uid, it fails, and the server-side has a return from bdb_dn2id -- "get failed: DB_NOTFOUND: No matching key/data pair found (-30988)", which implies that the BDB index file for uid doesn't contain the additional uids.  Not sure how to look at that, slapd_db_dump doesn't reveal anything human-parsable.

Does this ring any bells?  Was it just a fluke that this worked?