[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Report: apache auth_ldap and "DSA is unwilling to perform"
Good day,
I posted this message three days ago, but unfortunately didn't receive a
reply.
I don't mean to spam the list, but, I could really use some insight on why
OpenLDAP is behaving so oddly.
This is starting to become a big problem for me, as I have a monitoring
screen that refreshes every few minutes, and occasionally it will come up
with the "Authorization Required" page, requiring a user to go the machine
and manually refresh the browser page to bring up the monitoring web page.
Thanks in advance,
============================
Darren Gamble
Planner, Regional Services
Shaw Cablesystems GP
630 - 3rd Avenue SW
Calgary, Alberta, Canada
T2P 4L4
(403) 781-4948
> -----Original Message-----
> From: Darren Gamble [mailto:Darren.Gamble@sjrb.ca]
> Sent: Monday, July 22, 2002 1:51 PM
> To: openldap-software@OpenLDAP.org
> Subject: apache auth_ldap and "DSA is unwilling to perform"
>
>
> Good day,
>
> I've set up auth_ldap with apache and configured it to query
> a local LDAP
> server. It works properly... most of the time.
>
> Occasionally, auth_ldap's queries against the server fail. The server
> responds with error code 53 - "DSA is unwilling to perform". The next
> second, it will start working again.
>
> The OpenLDAP documentation says that this error is either
> returned if the
> operation isn't possible due to the backend, etc. (which I can't see
> applying here) or if there is a resource problem, in which
> case it instructs
> the user to check the LDAP logs to determine what the problem is.
> Unfortunately, the log doesn't indicate that. Here's all it has:
>
>
> Jul 22 12:05:10 host slapd[14568]: conn=868 op=13 SRCH
> base="ou=People,ou=Accounts,o=Shaw Cablesystems,c=CA" scope=2
> filter="(&(objectClass=*)(uid=dgamble))"
>
> Jul 22 12:05:10 host slapd[14568]: conn=868 op=13 RESULT
> tag=101 err=53
> text=authentication required
>
> ... and, as mentioned, it will just start working again the
> next moment.
>
>
> auth_ldap logs:
>
>
> [Fri Jul 19 12:48:54 2002] [error] [client X.X.X.X] LDAP search for
> (&(Objectclass=*)(uid=dgamble)) failed: LDAP error: DSA is
> unwilling to
> perform; URI /url
>
>
> The machine is lightly loaded with ample memory and disk
> space. There are
> only a handful of LDAP queries per minute.
>
> I don't really see any rhyme or reason to the errors; they just
> spontaneously happen during the day.
>
> I've also Googled for a resolution, and I have found a
> handful of people
> writing in with this problem, but no resolutions.
>
> Why would the LDAP server return this error code out of the
> blue, but work
> fine the other 99% of the time? Is there anything else that
> I could be
> looking for?
>
> We're running openldap-2.0.21 and auth_ldap-1.6.0 on Red Hat 7.2 .
>
> Thanks in advance,
>
> ============================
> Darren Gamble
> Planner, Regional Services
> Shaw Cablesystems GP
> 630 - 3rd Avenue SW
> Calgary, Alberta, Canada
> T2P 4L4
> (403) 781-4948
>