[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ldap auth does not works after openldap upgrade



On Thu, Feb 17, 2011 at 9:09 AM, Andrew Findlay <andrew.findlay@skills-1st.co.uk> wrote:
On Wed, Feb 16, 2011 at 03:29:45PM -0800, Howard Chu wrote:

> >Similarly I cannot find anything that
> >clearly describes the use of SASL EXTERNAL with ldapi.
>
> http://tools.ietf.org/html/draft-chu-ldap-ldapi-00

Excellent, thanks. That one is remarkably hard to find without a direct
pointer. Could you add it to the doc/drafts directory in the source perhaps?

Andrew


Here is the search that Apache is doing. Note that "usuarios" in the search means "users" in portuguese. It doesn't seems even to check if the user really does part of the group defined in the apache config.

Feb 17 11:11:39 fileserver slapd[2054]: conn=1014 fd=21 ACCEPT from IP=172.16.14.2:34691 (IP=0.0.0.0:389)
Feb 17 11:11:39 fileserver slapd[2054]: conn=1014 op=0 BIND dn="cn=root,dc=dominio,dc=com,dc=br" method=128
Feb 17 11:11:39 fileserver slapd[2054]: conn=1014 op=0 BIND dn="cn=root,dc=dominio,dc=com,dc=br" mech=SIMPLE ssf=0
Feb 17 11:11:39 fileserver slapd[2054]: conn=1014 op=0 RESULT tag=97 err=0 text=
Feb 17 11:11:39 fileserver slapd[2054]: conn=1014 op=1 SRCH base="ou=Usuarios,dc=dominio,dc=com,dc=br" scope=2 deref=3 filter="(&(objectClass=*)(uid=lscarneiro))"
Feb 17 11:11:39 fileserver slapd[2054]: conn=1014 op=1 SRCH attr=uid
Feb 17 11:11:39 fileserver slapd[2054]: <= bdb_equality_candidates: (uid) not indexed
Feb 17 11:11:39 fileserver slapd[2054]: conn=1014 op=1 ENTRY dn="uid=lscarneiro,ou=usuarios,dc=dominio,dc=com,dc=br"
Feb 17 11:11:39 fileserver slapd[2054]: conn=1014 op=1 SEARCH RESULT tag=101 err=0 nentries=1 text=
Feb 17 11:11:39 fileserver slapd[2054]: conn=1014 op=2 BIND anonymous mech=implicit ssf=0
Feb 17 11:11:39 fileserver slapd[2054]: conn=1014 op=2 BIND dn="uid=lscarneiro,ou=Usuarios,dc=dominio,dc=com,dc=br" method=128
Feb 17 11:11:39 fileserver slapd[2054]: conn=1014 op=2 RESULT tag=97 err=49 text=
Feb 17 11:11:39 fileserver slapd[2054]: conn=1014 op=3 UNBIND
Feb 17 11:11:39 fileserver slapd[2054]: conn=1014 fd=21 closed