[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Slave slapd doesn't accept bind from slurpd
Hello,
I am trying to set up a slave slapd to function as a backup server to a system I am seting up and
slurpd on the server fails to connect to the backup slapd (it is rejected with the indication
"Invalid credentials").
I am debugging this setup for some time now and I have a feeling that something with authentication and
encryption mechanisms is not properly set up, rather than a bug.
Both hosts are P4 machines running redhat fedora (fully updated).
I have setup openldap to use TLS (no SASL or anything else) and I have created the cerificates and keys.
For the time being I am just testing the system (no system authentication transferred to ldap, yet).
I tried to check the source code if I can figure out what is going on and with a minor modification
I managed to get the system to work with cleartext passwords. I am sending some debugging messages in
case someone sees something familiar.
I have checked the archives and couldn't find anything relevant.
I would appreciate very much any suggestions. Many Thanks.
George Betzos
betzos@europe.com
----------------------------------------------------------------------------------------------
Log snippets follow, first without my modification and then with it and using cleartext passwords
...
slapd: connection_read(8): unable to get TLS client DN error=49 id=0
...
slapd: do_bind: version=3 dn="cn=backup,dc=uol,dc=bz" method=128
slapd: conn=0 op=0 BIND dn="cn=backup,dc=uol,dc=bz" method=128
...
slapd: <<< dnPrettyNormal: <cn=backup,dc=uol,dc=bz>, <cn=backup,dc=uol,dc=bz>
...
slapd: be_isroot_pw: stored: {SSHA}sshapass given: {SSHA}sshapass
slapd: => access_allowed: auth access to "cn=backup,dc=uol,dc=bz" "userPassword" requested
...
slapd: send_ldap_result: conn=0 op=0 p=3
slapd: send_ldap_result: err=49 matched="" text=""
slapd: send_ldap_response: msgid=1 tag=97 err=49
...
slapd: conn=0 op=0 RESULT tag=97 err=49 text=
...
slapd: connection_read(8): input error=-2 id=0, closing.
------------------------------------------------------------------------------
...
slapd: connection_read(8): unable to get TLS client DN error=49 id=0
...
slapd: do_bind: version=3 dn="cn=backup,dc=uol,dc=bz" method=128
slapd: conn=0 op=1 BIND dn="cn=backup,dc=uol,dc=bz" method=128
...
slapd: <<< dnPrettyNormal: <cn=backup,dc=uol,dc=bz>, <cn=backup,dc=uol,dc=bz>
...
slapd: be_isroot_pw: stored: {CLEARTEXT}ThisIsNOTSecure given: {CLEARTEXT}ThisIsNOTSecure
...
slapd: conn=0 op=1 BIND dn="cn=backup,dc=uol,dc=bz" mech=simple ssf=0
slapd: do_bind: v3 bind: "cn=backup,dc=uol,dc=bz" to "cn=backup,dc=uol,dc=bz"
slapd: send_ldap_result: conn=0 op=1 p=3
slapd: send_ldap_result: err=0 matched="" text=""
slapd: send_ldap_response: msgid=2 tag=97 err=0
...
<replication, etc>
...
slapd: ====> cache_delete_entry( 24 )
...
--
___________________________________________________________
Sign-up for Ads Free at Mail.com
http://promo.mail.com/adsfreejump.htm