[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
RE: basic authentication error against ldap
- To: "Jose Correia (J)" <CorreiJ@telkom.co.za>, <openldap-software@OpenLDAP.org>
- Subject: RE: basic authentication error against ldap
- From: "Jose Correia (J)" <CorreiJ@telkom.co.za>
- Date: Fri, 30 Aug 2002 17:03:05 +0200
- Content-class: urn:content-classes:message
- Thread-index: AcJQIrUMxndHBNdbS9mheUb64yQlOAAEtCmg
- Thread-topic: basic authentication error against ldap
Hi all
Ok you all seemed to be in silence to my request so I figured there
must have been something posted earlier.
I found this :
http://www.openldap.org/lists/openldap-bugs/200206/msg00126.html
which says :
">The kbind code still exists but now must be manually enabled; it
will be
>removed
>completely at some future date. "
Now does this mean that support for ldapv2 has been completely
removed? Or can I still configure with "env ol_enable_kbind=yes
./configure ..."
I know most of you don't know the module mod_authz_ldap (vs0.20) but
does the error above mean that the module does not support ldapv3 and
is therefore sending a ldapv2 request.
Thanks in advance and please reply, even if it is to say to look
somewhere else... I am trying hard here...
Best regards
Jose Correia
-----Original Message-----
From: Jose Correia (J)
Sent: 30 August 2002 14:43
To: openldap-software@OpenLDAP.org
Subject: basic authentication error against ldap
Hi all
I'm using mod_authz_ldap in Apache to get basic authentication going
against openldap 2.1.3 (with Berkeley db). I've gotten as far as the
browser showing up the login dialog but then it doesn't accept my
login and pwd.
I started slapd with -d -1
and I'm getting:
ber_dump: buf=0x0811d270 ptr=0x0811d273 end=0x0811d29b len=40
0000: 60 26 02 01 02 04 19 63 6e 3d 4a 6f 73 65 2c 6f
`&.....cn=Jose,o
0010: 75 3d 75 73 65 72 73 2c 6f 3d 74 65 6c 6b 6f 6d
u=users,o=telkom
0020: 80 06 64 72 61 67 6f 6e ..testpwd
ber_scanf fmt (m}) ber:
ber_dump: buf=0x0811d270 ptr=0x0811d293 end=0x0811d29b len=8
0000: 00 06 64 72 61 67 6f 6e ..testpwd
>>> dnPrettyNormal: <cn=Jose,ou=users,o=telkom>
<<< dnPrettyNormal: <cn=Jose,ou=users,o=telkom>,
<cn=jose,ou=users,o=telkom>
do_bind: version=2 dn="cn=Jose,ou=users,o=telkom" method=128
conn=4 op=0 BIND dn="cn=Jose,ou=users,o=telkom" method=128
send_ldap_result: conn=4 op=0 p=2
send_ldap_result: err=2 matched="" text="requested protocol version
not allowed"
send_ldap_response: msgid=1 tag=97 err=2
ber_flush: 52 bytes to sd 13
0000: 30 32 02 01 01 61 2d 0a 01 02 04 00 04 26 72 65
02...a-......&re
0010: 71 75 65 73 74 65 64 20 70 72 6f 74 6f 63 6f 6c quested
protocol
0020: 20 76 65 72 73 69 6f 6e 20 6e 6f 74 20 61 6c 6c version
not all
0030: 6f 77 65 64 owed
ldap_write: want=52, written=52
0000: 30 32 02 01 01 61 2d 0a 01 02 04 00 04 26 72 65
02...a-......&re
0010: 71 75 65 73 74 65 64 20 70 72 6f 74 6f 63 6f 6c quested
protocol
0020: 20 76 65 72 73 69 6f 6e 20 6e 6f 74 20 61 6c 6c version
not all
0030: 6f 77 65 64 owed
What does "request protocol version not allowed" mean exactly? I'm
using IE5.0 to test this.
Thanks for any help.
Jose