LDAP + SASL DIGEST-MD5: can't contact LDAP server(81) bec ber_get_next failed
Hello,
I'm struggling with openldap-2.1.25 using the SASL DIGEST-MD5 mechanism. ldapsearch keeps giving me 'ldap_result: can't contact ldap server (81)':
[root@localhost root]# ldapsearch -U admin@localhost.localdomain -b 'dc=dsssasia,dc=com' -d 9
....
sasl_client_step: 0
SASL username: admin@localhost.localdomain
SASL SSF: 128
SASL installing layers
ldap_pvt_sasl_install
# extended LDIF
#
# LDAPv3
# base <dc=example,dc=com> with scope sub
# filter: (objectclass=*)
# requesting: ALL
#
ldap_search_ext
put_filter: "(objectclass=*)"
put_filter: simple
put_simple_filter: "objectclass=*"
ldap_send_initial_request
ldap_send_server_request
ber_flush: 57 bytes to sd 3
ldap_result msgid -1
ldap_chkResponseList for msgid=-1, all=0
ldap_chkResponseList returns NULL
wait4msg (infinite timeout), msgid -1
wait4msg continue, msgid -1, all 0
** Connections:
* host: localhost port: 389 (default)
refcnt: 2 status: Connected
last used: Tue Feb 17 18:35:51 2004
** Outstanding Requests:
* msgid 4, origid 4, status InProgress
outstanding referrals 0, parent count 0
** Response Queue:
Empty
ldap_chkResponseList for msgid=-1, all=0
ldap_chkResponseList returns NULL
ldap_int_select
read1msg: msgid -1, all 0
ber_get_next
ber_get_next failed.
ldap_perror
ldap_result: Can't contact LDAP server (81)
ldap_unbind
ldap_free_request (origid 4, msgid 4)
ldap_free_connection
ldap_send_unbind
ber_flush: 7 bytes to sd 3
ldap_free_connection: actually freed
[root@localhost root]
Meanwhile, on the LDAP server side, I got a segmentation fault:
[root@localhost local]# slapd -d 256
bdb_initialize: Sleepycat Software: Berkeley DB 4.1.25: (December 19, 2002)
bdb_db_init: Initializing BDB database
slapd starting
conn=0 fd=10 ACCEPT from IP=127.0.0.1:33142 (IP=0.0.0.0:389)
conn=0 op=0 SRCH base="" scope=0 filter="(objectClass=*)"
conn=0 op=0 SRCH attr=supportedSASLMechanisms
conn=0 op=0 RESULT tag=101 err=0 text=
conn=0 op=1 BIND dn="" method=163
conn=0 op=2 BIND dn="" method=163
conn=0 op=0 RESULT tag=101 err=32 text=
conn=0 op=2 BIND authcid="admin@localhost.localdomain"
conn=0 op=2 BIND dn="uid=admin,cn=localhost.localdomain,cn=digest-md5,cn=auth" mech=DIGEST-MD5 ssf=128
Segmentation fault
[root@localhost local]
Does anybody know what can cause ber_get_next to fail?
What steps need to be done to get OpenLDAP to authenticate using DIGEST-MD5? Maybe I missed some important steps...
Btw, I'm using Cyrus-SASL 2.1.15 and BerkeleyDB.4.1, and the secret password is stored in the sasldb database.
*****************
My slapd.conf:
*****************
include /usr/local/etc/openldap/schema/core.schema
include /usr/local/etc/openldap/schema/cosine.schema
include /usr/local/etc/openldap/schema/inetorgperson.schema
loglevel 256
pidfile /usr/local/var/slapd.pid
argsfile /usr/local/var/slapd.args
database bdb
suffix "dc=example,dc=com"
rootdn "cn=Manager,dc=example,dc=com"
rootpw {SSHA}fyDZM3nd+5lV1VU8zK3qH/JRfcDFpJEe
directory /var/lib/ldap
index objectClass eq
index cn,uid pres,eq
pasword-hash {CLEARTEXT}
sasl-regexp uid=(.*),cn=(.*),cn=DIGEST-MD5,cn=auth
    ldap:///dc=example,dc=com??sub?(uid=$1)
access to *
    by * read
Thank you,
-lara-
=====
------------------------------------------------------------------------------------
La vie, voyez-vous, ca n'est jamais si bon ni si mauvais qu'on croit
- Guy de Maupassant -
------------------------------------------------------------------------------------
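
An added example (not part of the original message and not OpenLDAP code): it applies the sasl-regexp rule from the slapd.conf above to the authentication DN shown in the slapd log, to check which search URL the bind identity is rewritten to, and compares the greedy `(.*)` groups with a comma-excluding pattern. Python's `re` stands in for slapd's regex matching; the function names, the case-insensitive unanchored match, the `STRICT_PATTERN` rule and the second sample DN are assumptions of this example.

```python
import re

# Copied from the post: the sasl-regexp pair and the DN slapd logged.
PATTERN = r"uid=(.*),cn=(.*),cn=DIGEST-MD5,cn=auth"
REPLACEMENT = "ldap:///dc=example,dc=com??sub?(uid=$1)"
LOGGED_DN = "uid=admin,cn=localhost.localdomain,cn=digest-md5,cn=auth"

# Assumed tighter rule: each captured value must stay inside one RDN.
STRICT_PATTERN = r"uid=([^,]*),cn=([^,]*),cn=DIGEST-MD5,cn=auth"


def map_sasl_dn(auth_dn, pattern=PATTERN, replacement=REPLACEMENT):
    """Rewrite auth_dn with the rule; return None when the rule does not match.

    Assumption: the pattern is matched case-insensitively and unanchored,
    and $1..$9 in the replacement are filled from the captured groups.
    """
    m = re.search(pattern, auth_dn, flags=re.IGNORECASE)
    if m is None:
        return None

    def fill(ref):
        idx = int(ref.group(1))
        return m.group(idx) if idx <= m.re.groups else ""

    return re.sub(r"\$(\d)", fill, replacement)


def parse_search_url(url):
    """Split ldap:///base?attrs?scope?filter into named parts."""
    rest = url[len("ldap:///"):]
    base, attrs, scope, filt = (rest.split("?", 3) + [""] * 4)[:4]
    return {"base": base, "attrs": attrs, "scope": scope, "filter": filt}


if __name__ == "__main__":
    # Constructed DN whose uid value spills across a comma.
    odd_dn = "uid=a,cn=b,cn=realm,cn=digest-md5,cn=auth"
    for dn in (LOGGED_DN, odd_dn):
        print(dn)
        print("  greedy:", map_sasl_dn(dn))
        print("  strict:", map_sasl_dn(dn, STRICT_PATTERN))
```

With the DN from the log, both rules yield a subtree search under `dc=example,dc=com` for `(uid=admin)`, so the directory needs an entry with that uid for the mapping to resolve.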