Re: What's the magic to allowing version 2 binds?
> Ok, I have installed openldap 2.1.8 running on a linux box at kernel
> version 2.4.18 (slackware to be precise)
> I'm running bdb:
>
> Nov 24 21:04:59 belgarath slapd[6129]: bdb_open: Sleepycat Software:
> Berkeley DB 4.1.24: (September 13, 2002)
> Nov 24 21:04:59 belgarath slapd[6129]: bdb_db_init: Initializing BDB
> database
> Nov 24 21:04:59 belgarath slapd[6129]: slapd starting
>
> Here are the relevant areas of my slapd.conf file:
>
> # Sample access control policy:
> allow bind_v2
Are you sure you added the above reported line to slapd.conf?
> Allow read access of root DSE
> Allow self write access
> Allow authenticated users read access
> Allow anonymous users to authenticate
Did you really add the above reported lines to slapd.conf?
> # Directives needed to implement policy:
> access to dn.base="" by * read
> access to *
> by self write
> by users read
> by anonymous auth
> #
> # if no access controls are present, the default policy is:
> # Allow read by all
> #
> # rootdn can always write!
>
> I can connect just fine using GQ and LDAP browser/editor v2.8.2 using
> ldap v3. Using the Ldap browser/editor in ldap v2 mode and I can't
> connect and get this in the logs (as well as other "ldap aware" clients
> that are using ldap v2 protocol):
>
> Nov 24 21:05:11 belgarath slapd[6129]: daemon: conn=0 fd=10 connection
> from IP=192.168.0.3:3621 (IP=0.0.0.0:389) accepted.
> Nov 24 21:05:11 belgarath slapd[6129]: conn=0 op=0 BIND dn="" method=128
> Nov 24 21:05:11 belgarath slapd[6129]: conn=0 op=0 RESULT tag=97 err=2
> text=requested protocol version not allowed
> Nov 24 21:05:11 belgarath slapd[6129]: conn=0 fd=10 closed
Then, if your clients are SO hosed, all you can try is:
read slapd.conf(5) (the one that comes with 2.1.8, not
earlier ones) and play with other "allow" directives.
Pierangelo.
--
Pierangelo Masarati
mailto:pierangelo.masarati@sys-net.it
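
An added example, not part of the original message: a small log check that lists which client addresses are still sending binds that slapd refuses with "requested protocol version not allowed", so the affected clients can be identified before deciding on `allow bind_v2`. It assumes one syslog event per line (the wrapped lines quoted above are unwrapped), and the second connection in the sample is constructed for the example.

```python
import re
from collections import defaultdict

# Constructed sample modelled on the log lines quoted in the thread
# (the second connection and its address are made up for the example).
SAMPLE_LOG = """\
Nov 24 21:05:11 belgarath slapd[6129]: daemon: conn=0 fd=10 connection from IP=192.168.0.3:3621 (IP=0.0.0.0:389) accepted.
Nov 24 21:05:11 belgarath slapd[6129]: conn=0 op=0 BIND dn="" method=128
Nov 24 21:05:11 belgarath slapd[6129]: conn=0 op=0 RESULT tag=97 err=2 text=requested protocol version not allowed
Nov 24 21:05:11 belgarath slapd[6129]: conn=0 fd=10 closed
Nov 24 21:06:02 belgarath slapd[6129]: daemon: conn=1 fd=11 connection from IP=192.168.0.7:4010 (IP=0.0.0.0:389) accepted.
Nov 24 21:06:02 belgarath slapd[6129]: conn=1 op=0 BIND dn="" method=128
Nov 24 21:06:02 belgarath slapd[6129]: conn=1 op=0 RESULT tag=97 err=0 text=
Nov 24 21:06:02 belgarath slapd[6129]: conn=1 fd=11 closed
"""

ACCEPT = re.compile(r"slapd\[(\d+)\]: daemon: conn=(\d+) fd=\d+ connection from IP=([\d.]+):\d+")
RESULT = re.compile(r"slapd\[(\d+)\]: conn=(\d+) op=\d+ RESULT tag=97 err=(\d+) text=(.*)$")
CLOSED = re.compile(r"slapd\[(\d+)\]: conn=(\d+) fd=\d+ closed")

def rejected_v2_binds(log_text):
    """Return {client_ip: count} of binds refused for protocol version."""
    peers = {}  # (pid, conn) -> client IP; conn ids restart with each slapd pid
    hits = defaultdict(int)
    for line in log_text.splitlines():
        m = ACCEPT.search(line)
        if m:
            peers[(m.group(1), m.group(2))] = m.group(3)
            continue
        m = RESULT.search(line)
        # tag=97 is a bind response; err=2 is LDAP protocolError
        if m and m.group(3) == "2" and "protocol version not allowed" in m.group(4):
            hits[peers.get((m.group(1), m.group(2)), "unknown")] += 1
            continue
        m = CLOSED.search(line)
        if m:
            peers.pop((m.group(1), m.group(2)), None)
    return dict(hits)

if __name__ == "__main__":
    for ip, n in sorted(rejected_v2_binds(SAMPLE_LOG).items()):
        print(f"{ip}: {n} bind(s) rejected for protocol version")
```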