Re: using openldap with mac os x clients

[Quanah Gibson-Mount <quanah@stanford.edu>]

--On Tuesday, June 21, 2005 10:38 AM -0400 Darcy Kroeker 
<darcy.kroeker@gmail.com> wrote:

> Thanks for your help.
>
> I have upgraded to openldap 2.2.27 on your advice but I have the same
> problem.
>
> Just to be clear, I should emphasize that a basic ldap search from a
> mac (ie. ldapsearch) actually works. Here's an example of one that
> works:
>
> > ldapsearch -x -h "foo.uwaterloo.ca" -D
> > "uid=testguy,ou=People,dc=tcl,dc=com" -W -b 'dc=tcl,dc=com'
> > 'objectclass=posixAccount'
>
> Furthermore, the id command works as I expect it to:
>
> > id testguy
> uid=521(testguy) gid=502(cscfadm) groups=502(cscfadm)
>
> It is just when I take the final step and try to actually authenticate
> a user that the server crashes. Eg.
>
> > su -l testguy
> Passwd: *******
>
> crash!

Hm... well, this definitely shouldn't be happening.

Is it possible for you to get a backtrace from inside gdb of the slapd 
process before it cores?  You would need to compile slapd with debugging 
symbols and put in a non-stripped version of the binary.  You can build 
slapd with debugging symbols by setting

CFLAGS='-g -O2' CXXFLAGS='-g -O2'

in your environment before running configure.  After doing the make 
install, you need to copy the slapd from your 
<source>/servers/slapd/.libs/slapd directory to your install location to 
get the non-stripped version.

--Quanah

--
Quanah Gibson-Mount
Principal Software Developer
ITSS/Shared Services
Stanford University
GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html

"These censorship operations against schools and libraries are stronger
than ever in the present religio-political climate. They often focus on
fantasy and sf books, which foster that deadly enemy to bigotry and blind
faith, the imagination." -- Ursula K. Le Guin