[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#8044) openldap 2.4.39-8.el6: issue causing server unavailability

To: openldap-its@OpenLDAP.org
Subject: Re: (ITS#8044) openldap 2.4.39-8.el6: issue causing server unavailability
From: Diana.Scannicchio@cern.ch
Date: Mon, 23 Feb 2015 15:29:34 +0000
Auto-submitted: auto-generated (OpenLDAP-ITS)

I checked and the appropriate credentials are used, nothing in the configur=
ation changed between this version (2.4.39-8) and the previous one(s).

These are the corresponding lines of the slapd.conf on the consumer:

overlay                    chain
chain-rebind-as-user       FALSE
chain-uri                  "ldap://ldap_provider:389";
chain-rebind-as-user       TRUE
chain-idassert-bind        bindmethod=3D"simple"
                           binddn=3D"cn=3DManager,ou=3Datlas,o=3Dcern,c=3Dc=
h"
                           credentials=3D"ldap_manager_pw"
                           mode=3D"self"
#chain-tls                  start
chain-return-error         TRUE

Unless you spot something wrong in the configuration attached to the initia=
l mail, there should be something else different between this non-working v=
ersion and the previous ones,

Thank you and best regards,

Diana


On 17 Feb 2015, at 12:55, hyc@symas.com wrote:

> Diana.Scannicchio@cern.ch wrote:
>> Is there anybody that could help on this issue?=3D20
>> this version of openldap is not usable, so I would like to understand wh=
ich=3D
>>  is the problem and if can be fixed.
>> Thank you and best regards,
>=20
> The error message you're referring to was added in the patch for this ITS
>=20
> http://www.openldap.org/its/index.cgi/Software%20Bugs?id=3D6851;selectid=
=3D6851
>=20
> Check that you've configured appropriate credentials if you're using idas=
sert on the target URI.
>>=20
>> Diana
>>=20
>>=20
>> On 02 Feb 2015, at 20:56, diana.scannicchio@cern.ch wrote:
>>=20
>>> Should not, I did not enable it in the slapd.conf.
>>> =3D20
>>> Diana
>>> =3D20
>>> On 02 Feb 2015, at 20:34, <michael@stroeder.com> <michael@stroeder.com>=
 w=3D
>> ro=3D3D
>>> te:
>>> =3D20
>>>> Is SSL/TLS part of the game?
>>>> =3D3D20
>>>> Ciao, Michael.
>>>> =3D3D20
>>>> =3D3D20
>>>> =3D3D20
>>>> =3D3D20
>>> =3D20
>>> -
>>> Diana Scannicchio
>>> University of California, Irvine
>>> ATLAS TDAQ SysAdmin group
>>> Office: +41 22 76 75240
>>> OnCall: 164851
>>> =3D20
>>> =3D20
>>> =3D20
>>> =3D20
>>> =3D20
>>> =3D20
>>> =3D20
>>> =3D20
>>> =3D20
>>=20
>> -
>> Diana Scannicchio
>> University of California, Irvine
>> ATLAS TDAQ SysAdmin group
>> Office: +41 22 76 75240
>> OnCall: 164851
>>=20
>>=20
>>=20
>>=20
>>=20
>>=20
>>=20
>>=20
>>=20
>>=20
>=20
>=20
> --=20
>   -- Howard Chu
>   CTO, Symas Corp.           http://www.symas.com
>   Director, Highland Sun     http://highlandsun.com/hyc/
>   Chief Architect, OpenLDAP  http://www.openldap.org/project/
>=20
>=20
>=20

-
Diana Scannicchio
University of California, Irvine
ATLAS TDAQ SysAdmin group
Office: +41 22 76 75240
OnCall: 164851

Prev by Date: Re: (ITS#8027) ldapsearch -E deref=member: crashes slapd
Next by Date: (ITS#8062) Assertion 'IS_LEAF(mp)' failed in mdb_cursor_next()
Index(es):
- Chronological
- Thread