[Date Prev][Date Next] [Chronological] [Thread] [Top]

Slave slapd doesn't accept bind from slurpd

To: openldap-software@OpenLDAP.org
Subject: Slave slapd doesn't accept bind from slurpd
From: "George Betzos" <betzos@europe.com>
Date: Tue, 04 May 2004 10:54:58 -0500
Cc: betzos@europe.com
Content-disposition: inline

 
Hello, 
 
I am trying to set up a slave slapd to function as a backup server to a system I am seting up and 
slurpd on the server fails to connect to the backup slapd (it is rejected with the indication 
"Invalid credentials"). 
 
I am debugging this setup for some time now and I have a feeling that something with authentication and 
encryption mechanisms is not properly set up, rather than a bug. 
 
Both hosts are P4 machines running redhat fedora (fully updated). 
 
I have setup openldap to use TLS (no SASL or anything else) and I have created the cerificates and keys. 
For the time being I am just testing the system (no system authentication transferred to ldap, yet). 
 
I tried to check the source code if I can figure out what is going on and with a minor modification 
I managed to get the system to work with cleartext passwords. I am sending some debugging messages in 
case someone sees something familiar. 
 
I have checked the archives and couldn't find anything relevant. 
 
I would appreciate very much any suggestions. Many Thanks. 
 
George Betzos 
betzos@europe.com 
 
----------------------------------------------------------------------------------------------  
 
Log snippets follow, first without my modification and then with it and using cleartext passwords 
 
... 
slapd: connection_read(8): unable to get TLS client DN error=49 id=0 
... 
slapd: do_bind: version=3 dn="cn=backup,dc=uol,dc=bz" method=128 
slapd: conn=0 op=0 BIND dn="cn=backup,dc=uol,dc=bz" method=128 
... 
slapd: <<< dnPrettyNormal: <cn=backup,dc=uol,dc=bz>, <cn=backup,dc=uol,dc=bz> 
... 
slapd: be_isroot_pw: stored: {SSHA}sshapass given: {SSHA}sshapass 
slapd: => access_allowed: auth access to "cn=backup,dc=uol,dc=bz" "userPassword" requested 
... 
slapd: send_ldap_result: conn=0 op=0 p=3 
slapd: send_ldap_result: err=49 matched="" text="" 
slapd: send_ldap_response: msgid=1 tag=97 err=49 
... 
slapd: conn=0 op=0 RESULT tag=97 err=49 text= 
... 
slapd: connection_read(8): input error=-2 id=0, closing. 
                                                                                 
------------------------------------------------------------------------------ 
 
... 
slapd: connection_read(8): unable to get TLS client DN error=49 id=0 
... 
slapd: do_bind: version=3 dn="cn=backup,dc=uol,dc=bz" method=128 
slapd: conn=0 op=1 BIND dn="cn=backup,dc=uol,dc=bz" method=128 
... 
slapd: <<< dnPrettyNormal: <cn=backup,dc=uol,dc=bz>, <cn=backup,dc=uol,dc=bz> 
... 
slapd: be_isroot_pw: stored: {CLEARTEXT}ThisIsNOTSecure given: {CLEARTEXT}ThisIsNOTSecure 
... 
slapd: conn=0 op=1 BIND dn="cn=backup,dc=uol,dc=bz" mech=simple ssf=0 
slapd: do_bind: v3 bind: "cn=backup,dc=uol,dc=bz" to "cn=backup,dc=uol,dc=bz" 
slapd: send_ldap_result: conn=0 op=1 p=3 
slapd: send_ldap_result: err=0 matched="" text="" 
slapd: send_ldap_response: msgid=2 tag=97 err=0 
... 
<replication, etc> 
... 
slapd: ====> cache_delete_entry( 24 ) 
... 
 
-- 
___________________________________________________________
Sign-up for Ads Free at Mail.com
http://promo.mail.com/adsfreejump.htm

Follow-Ups:
- Re: Slave slapd doesn't accept bind from slurpd
  - From: D.M.Lewney@sussex.ac.uk (Dave Lewney)

Prev by Date: phpLDAPadmin 0.9.4 released
Next by Date: Re: Adding multiple entries defined in ldif to ldap..?
Index(es):
- Chronological
- Thread