[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#3721) back-ldap/back-meta err=4 with saslauthd openldap 2.2.26

andrew.reilly@gmail.com wrote:

>Full_Name: Andrew Reilly
>Version: 2.2.26
>OS: RH Linux ES 3.0
>URL: ftp://ftp.openldap.org/incoming/
>Submission from: (NULL) (
>When I point saslauthd directly at an openldap directory whether it is a master
>or a slave it works, but if I point it at a back-ldap instance the result is an
>err=4.  Now, from my reading err=4 occurs when a search exceeds the configured
>number of returns but the search being performed by saslauthd only returns one
>entry.  If I preform the exact same search via ldapsearch against the ldap-back
>instance it works.  I have tested against  2.2.23 and 2.2.26.  The log files
>listed below are from @(#) $OpenLDAP: slapd 2.2.26 (May  6 2005 11:18:53) $

>May 12 11:36:11 lnx-build slapd[19281]: SRCH "dc=tor,dc=company,dc=com" 2 0
>May 12 11:36:11 lnx-build slapd[19281]:     1 5 0 
saslauthd appears to use the equivalent of "-z 1 -l 5"

>A command line query of the same parameters:

>May 12 11:42:54 lnx-build slapd[19281]: SRCH "dc=tor,dc=company,dc=com" 2 0
>May 12 11:42:54 lnx-build slapd[19281]:     0 0 0 
...while you didn't use any; can you retry with "-z 1 -l 5"?

Unfortunately, I can't tell from the logs if you're using back-ldap (as 
you claim) or back-meta; in the latter case, you would be hitting the 
bug reported in ITS#3720, which I just fixed a couple minutes ago...  
Can you post your slapd.conf (at least the proxy part, which should be 
mostly relevant for this issue)?

Thanks, p.

    SysNet - via Dossi,8 27100 Pavia Tel: +390382573859 Fax: +390382476497