[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: idassert-bind seems to ignore binddn

Thanks for your response. I'm surprised Ubuntu's most recent LTS is shipping such an old version of OpenLDAP!

I just built and installed 2.4.40 packages on Ubuntu 14.04 from Debian Jesse's 2.4.40 source. Unfortunately slapd returns the same results as 2.4.31 and a packet capture shows the same binding behavior.


On Thu, Apr 30, 2015 at 6:25 PM, Quanah Gibson-Mount <quanah@zimbra.com> wrote:
--On Thursday, April 30, 2015 6:32 PM -0700 Ryan Lovett <rylo@berkeley.edu> wrote:


I've setup a simple proxy so that local LDAP clients can get access to
protected attributes on a remote server. My proxy is slapd 2.4.31 with

What am I doing wrong? Any advice is greatly appreciated!

The first thing you're doing wrong is running a version of OpenLDAP that is so ancient.

OpenLDAP 2.4.31 Release (2012/04/21)

I.e., it's over 3 years old.

There have been multiple fixes to slapd-ldap since that release.  This one in particular may be related:

OpenLDAP 2.4.33 Release (2012/10/10)
       Fixed slapd-ldap idassert bind handling (ITS#7403)



Quanah Gibson-Mount
Platform Architect
Zimbra, Inc.
Zimbra ::  the leader in open source messaging and collaboration