Just some additional information: The apache group auth ldap works against 2.0.x server. It does not work against 2.1.x servers.
--- Begin Message ---
- To: 'OpenLdap' <openldap-software@OpenLDAP.org>
- Subject: Auth with group membership is failing.
- From: Brian Vandruff <brian@ink.org>
- Date: 10 Apr 2003 10:09:13 -0500
I have just attempted migrating to OpenLDAP 2.1.x from 2.0.x and am having a problem. I can't seem to auth on group membership but I can on valid user. This is from an apache web server. If there was some way to lookup these error numbers I suspect I could figure it out on my own. Is there a document explaining what the err codes mean? Here is my logfile content for the auth attempt at loglevel 4: What are err:16 and err:5? Am also curios about what the dnMatch values mean. Apr 10 09:54:14 somehost slapd[16348]: connection_get(12) Apr 10 09:54:14 somehost slapd[16350]: send_ldap_result: err=0 matched="" text="" Apr 10 09:54:14 somehost slapd[16348]: connection_get(12) Apr 10 09:54:14 somehost slapd[16350]: do_compare: dn (cn=agroup,ou=Groups,dc=domain,dc=org) attr (member) value (uid=brian,ou=people,dc=domain,dc=org) Apr 10 09:54:14 somehost slapd[16350]: send_ldap_result: err=16 matched="" text="" Apr 10 09:54:14 somehost slapd[16348]: connection_get(12) Apr 10 09:54:14 somehost slapd[16350]: do_compare: dn (cn=agroup,ou=Groups,dc=domain,dc=org) attr (uniqueMember) value (uid=brian,ou=people,dc=domain,dc=org) Apr 10 09:54:14 somehost slapd[16350]: dnMatch -1 "uid=brian,ou=People,dc=domain,dc=org" "uid=brian,ou=people,dc=domain,dc=org" Apr 10 09:54:14 somehost slapd[16350]: dnMatch 1 "uid=dadams,ou=People,dc=domain,dc=org" "uid=brian,ou=people,dc=domain,dc=org" Apr 10 09:54:14 somehost slapd[16350]: dnMatch 2 "uid=michael,ou=People,dc=domain,dc=org" "uid=brian,ou=people,dc=domain,dc=org" Apr 10 09:54:14 somehost slapd[16350]: dnMatch -1 "uid=lisa,ou=People,dc=domain,dc=org" "uid=brian,ou=people,dc=domain,dc=org" Apr 10 09:54:14 somehost slapd[16350]: dnMatch -1 "uid=kent,ou=People,dc=domain,dc=org" "uid=brian,ou=people,dc=domain,dc=org" Apr 10 09:54:14 somehost slapd[16350]: dnMatch 1 "uid=steve,ou=People,dc=domain,dc=org" "uid=brian,ou=people,dc=domain,dc=org" Apr 10 09:54:14 somehost slapd[16350]: send_ldap_result: err=5 matched="" text=""Attachment: signature.asc
Description: This is a digitally signed message part
--- End Message ---
Attachment:
signature.asc
Description: This is a digitally signed message part