Re: Problem with iPlanet Web Server 4.1 and OpenLDAP

[JBourne@MtRoyal.AB.CA]

This is because iPlanet Ent 4.1 does a version 3 connect to the LDAP 
server, so the server rejects the connection.

What I've had to do here (until 2.0 becomes stable) is tell the LDAP 
server to accept the version 3 connect, then authentication started 
working.

Regards,
Jim

---
James Bourne, Web Systems Administrator
Mount Royal College, Calgary, AB, CA
www.mtroyal.ab.ca






KMuller@nea.org
Sent by: owner-openldap-software@OpenLDAP.org
08/17/00 08:25 AM
Please respond to KMuller

 
        To:     openldap-software@OpenLDAP.org
        cc: 
        Subject:        Problem with iPlanet Web Server 4.1 and OpenLDAP

We are in the process of upgrading from Netscape Enterprise Web Server 3.6 
to 
iPlanet Enterprise Web Server 4.1. We were using OpenLDAP 1.2 as the LDAP 
authentication database for the 3.6 server but the 4.1 server gets the 
following error in the log when it attempts to authenticate a user against 
the 
OpenLDAP server:


[15/Aug/2000:17:52:12] security (  217): [NSACL4330] ACL_GetAttribute: 
attr 
getter failed to get user 
                 [NSACL4330] ACL_GetAttribute: attr getter failed to get 
isvalid-password 
                 [NSACL5860] ldap password check: LDAP error: "ldaputil 
internal error" 

                 [NSACL4330] ACL_GetAttribute: attr getter failed to get 
user 


Here is the debug output from OpenLDAP during this request:

slapd starting
do_bind
do_bind: version 3 dn (cn=manager, o=nea) method 128
unknown version 3
send_ldap_result 2::version not supported

Could this be that the 4.1 is attempting to bind using ldapv3 which 
OpenLDAP 
doesn't support? Does anybody have any ideas how to resolve this problem? 
Any 
help you can provide is greatly appreciated.

Thanks,
Ken


KMuller@nea.org