[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Unable to authenticate with "secondary" uids, slapd 2.4.23, centos5.5

--On Tuesday, December 14, 2010 3:02 PM -0600 Chan Wilson <chanwilson@gmail.com> wrote:

Hi all,

I have several LDAP trees and installs (2.4.23, centos 5.5, bdb) that
utilize "secondary" uids as the sites are in the process of migrating
user IDs.  In essence, allowing both "user" and "user.name" to
authenticate as the same "user" account:

dn: uid=user,ou=people,dc=example,dc=com
uid: user
uid: user.name

This has all been working beautifully since inception with 2.4.21. 
However, "something changed" either at the O/S level or slapd level to
break this, and I'm at a loss as to what to look at next.  When doing an
ldapsearch -D with the "secondary" uid, it fails, and the server-side has
a return from bdb_dn2id -- "get failed: DB_NOTFOUND: No matching key/data
pair found (-30988)", which implies that the BDB index file for uid
doesn't contain the additional uids.  Not sure how to look at that,
slapd_db_dump doesn't reveal anything human-parsable.

Does this ring any bells?  Was it just a fluke that this worked? 

Did you add an index and fail to run slapindex?



Quanah Gibson-Mount
Sr. Member of Technical Staff
Zimbra, Inc
A Division of VMware, Inc.
Zimbra ::  the leader in open source messaging and collaboration