[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
OpenLDAP issue - Puzzling
- To: <openldap-software@OpenLDAP.org>
- Subject: OpenLDAP issue - Puzzling
- From: "Marc Suttle" <marc.suttle@anidirect.com>
- Date: Thu, 26 Jan 2006 11:45:14 -0600
- Content-class: urn:content-classes:message
- Thread-index: AcYioEM39uVQVG+7QXGTdFHnJY6iBA==
- Thread-topic: OpenLDAP issue - Puzzling
Hello list,
I have an encryption system that is doing LDAP queries for user
authentication. On my test systems everything went perfect.
Here is a snippet from the log on the successful server with
loglevel=256:
Jan 26 00:44:03 openldap slapd[29775]: conn=6 fd=10 ACCEPT from
IP=172.16.1.50:35266 (IP=0.0.0.0:389)
Jan 26 00:44:03 openldap slapd[29775]: conn=6 op=0 BIND
dn="cn=msuttle,dc=anidirect,dc=com" method=128
Jan 26 00:44:03 openldap slapd[29775]: conn=6 op=0 BIND
dn="cn=msuttle,dc=anidirect,dc=com" mech=SIMPLE ssf=0
Jan 26 00:44:03 openldap slapd[29775]: conn=6 op=0 RESULT tag=97 err=0
text=
Jan 26 00:44:03 openldap slapd[29775]: conn=6 op=1 SRCH base="" scope=0
deref=0 filter="(objectClass=*)"
Jan 26 00:44:03 openldap slapd[29775]: conn=6 op=1 SRCH
attr=namingContexts
Jan 26 00:44:03 openldap slapd[29775]: conn=6 op=1 SEARCH RESULT tag=101
err=0 nentries=1 text=
Jan 26 00:44:03 openldap slapd[29775]: conn=6 op=2 SRCH
base="dc=anidirect,dc=com" scope=2 deref=0
filter="(|(uid=msuttle)(?=undefined))"
Jan 26 00:44:03 openldap slapd[29775]: conn=6 op=2 SRCH attr=uid
sAMAccountName
Jan 26 00:44:03 openldap slapd[29775]: conn=6 op=2 SEARCH RESULT tag=101
err=0 nentries=1 text=
Jan 26 00:44:03 openldap slapd[29775]: conn=6 op=3 SRCH
base="dc=anidirect,dc=com" scope=2 deref=0
filter="(|(uid=msuttle)(?=undefined))"
Jan 26 00:44:03 openldap slapd[29775]: conn=6 op=3 SRCH attr=dn
Jan 26 00:44:03 openldap slapd[29775]: conn=6 op=3 SEARCH RESULT tag=101
err=0 nentries=1 text=
Jan 26 00:44:03 openldap slapd[29775]: conn=6 fd=10 closed
Jan 26 00:44:03 openldap slapd[29775]: conn=7 fd=13 ACCEPT from
IP=172.16.1.50:35267 (IP=0.0.0.0:389)
Jan 26 00:44:03 openldap slapd[29775]: conn=7 op=0 BIND
dn="cn=msuttle,dc=anidirect,dc=com" method=128
Jan 26 00:44:03 openldap slapd[29775]: conn=7 op=0 BIND
dn="cn=msuttle,dc=anidirect,dc=com" mech=SIMPLE ssf=0
Jan 26 00:44:03 openldap slapd[29775]: conn=7 op=0 RESULT tag=97 err=0
text=
Jan 26 00:44:03 openldap slapd[29775]: conn=7 fd=13 closed
Jan 26 00:44:03 openldap slapd[29775]: conn=8 fd=10 ACCEPT from
IP=172.16.1.50:35268 (IP=0.0.0.0:389)
Jan 26 00:44:03 openldap slapd[29775]: conn=8 op=0 BIND
dn="cn=msuttle,dc=anidirect,dc=com" method=128
Jan 26 00:44:03 openldap slapd[29775]: conn=8 op=0 BIND
dn="cn=msuttle,dc=anidirect,dc=com" mech=SIMPLE ssf=0
Jan 26 00:44:03 openldap slapd[29775]: conn=8 op=0 RESULT tag=97 err=0
text=
Jan 26 00:44:03 openldap slapd[29775]: conn=8 op=1 SRCH
base="dc=anidirect,dc=com" scope=2 deref=0 filter="(uid=msuttle)"
Jan 26 00:44:03 openldap slapd[29775]: conn=8 op=1 SRCH attr=mail
Jan 26 00:44:03 openldap slapd[29775]: conn=8 op=1 SEARCH RESULT tag=101
err=0 nentries=1 text=
Jan 26 00:44:03 openldap slapd[29775]: conn=8 op=2 SRCH
base="dc=anidirect,dc=com" scope=2 deref=0 filter="(uid=msuttle)"
Jan 26 00:44:03 openldap slapd[29775]: conn=8 op=2 SRCH attr=cn
Jan 26 00:44:03 openldap slapd[29775]: conn=8 op=2 SEARCH RESULT tag=101
err=0 nentries=1 text=
Jan 26 00:44:03 openldap slapd[29775]: conn=8 op=3 SRCH
base="dc=anidirect,dc=com" scope=2 deref=0 filter="(uid=msuttle)"
Jan 26 00:44:03 openldap slapd[29775]: conn=8 op=3 SRCH attr=uid
sAMAccountName
Jan 26 00:44:03 openldap slapd[29775]: conn=8 op=3 SEARCH RESULT tag=101
err=0 nentries=1 text=
Jan 26 00:44:03 openldap slapd[29775]: conn=8 op=4 SRCH
base="dc=anidirect,dc=com" scope=2 deref=0 filter="(uid=msuttle)"
Jan 26 00:44:03 openldap slapd[29775]: conn=8 op=4 SEARCH RESULT tag=101
err=0 nentries=1 text=
Jan 26 00:44:03 openldap slapd[29775]: conn=8 op=5 SRCH
base="dc=anidirect,dc=com" scope=2 deref=0 filter="(uid=msuttle)"
Jan 26 00:44:03 openldap slapd[29775]: conn=8 op=5 SRCH
attr=userCertificate;binary
Jan 26 00:44:03 openldap slapd[29775]: conn=8 op=5 SEARCH RESULT tag=101
err=0 nentries=1 text=
Jan 26 00:44:03 openldap slapd[29775]: conn=8 fd=10 closed
Jan 26 00:44:04 openldap slapd[29775]: conn=9 fd=10 ACCEPT from
IP=172.16.1.50:35270 (IP=0.0.0.0:389)
Jan 26 00:44:04 openldap slapd[29775]: conn=9 op=0 BIND
dn="cn=msuttle,dc=anidirect,dc=com" method=128
Jan 26 00:44:04 openldap slapd[29775]: conn=9 op=0 BIND
dn="cn=msuttle,dc=anidirect,dc=com" mech=SIMPLE ssf=0
Jan 26 00:44:04 openldap slapd[29775]: conn=9 op=0 RESULT tag=97 err=0
text=
Jan 26 00:44:04 openldap slapd[29775]: conn=9 op=1 SRCH
base="dc=anidirect,dc=com" scope=2 deref=0 filter="(uid=msuttle)"
Jan 26 00:44:04 openldap slapd[29775]: conn=9 op=1 SEARCH RESULT tag=101
err=0 nentries=1 text=
Jan 26 00:44:04 openldap slapd[29775]: conn=9 fd=10 closed
Here is a snippet from the log on the unsuccessful server with
loglevel=256:
Jan 25 16:33:21 ldap1 slapd[5311]: conn=54 fd=12 ACCEPT from
IP=10.10.10.4:33561 (IP=0.0.0.0:389)
Jan 25 16:33:21 ldap1 slapd[5311]: conn=54 op=0 BIND
dn="cn=msuttle,dc=anisecured,dc=com" method=128
Jan 25 16:33:21 ldap1 slapd[5311]: conn=54 op=0 BIND
dn="cn=msuttle,dc=anisecured,dc=com" mech=SIMPLE ssf=0
Jan 25 16:33:21 ldap1 slapd[5311]: conn=54 op=0 RESULT tag=97 err=0
text=
Jan 25 16:33:21 ldap1 slapd[5311]: conn=54 op=1 SRCH base="" scope=0
deref=0 filter="(objectClass=*)"
Jan 25 16:33:21 ldap1 slapd[5311]: conn=54 op=1 SRCH attr=namingContexts
Jan 25 16:33:21 ldap1 slapd[5311]: conn=54 op=1 SEARCH RESULT tag=101
err=0 nentries=1 text=
Jan 25 16:33:21 ldap1 slapd[5311]: conn=54 op=2 SRCH
base="dc=anisecured,dc=com" scope=2 deref=0
filter="(|(uid=lcompton)(?=undefined))"
Jan 25 16:33:21 ldap1 slapd[5311]: conn=54 op=2 SRCH attr=uid
sAMAccountName
Jan 25 16:33:21 ldap1 slapd[5311]: conn=54 op=2 SEARCH RESULT tag=101
err=0 nentries=1 text=
Jan 25 16:33:21 ldap1 slapd[5311]: conn=54 op=3 SRCH
base="dc=anisecured,dc=com" scope=2 deref=0
filter="(|(uid=lcompton)(?=undefined))"
Jan 25 16:33:21 ldap1 slapd[5311]: conn=54 op=3 SRCH attr=dn
Jan 25 16:33:21 ldap1 slapd[5311]: conn=54 op=3 SEARCH RESULT tag=101
err=0 nentries=1 text=
Jan 25 16:33:21 ldap1 slapd[5311]: conn=54 fd=12 closed
Jan 25 16:33:21 ldap1 slapd[5311]: conn=55 fd=12 ACCEPT from
IP=10.10.10.4:33562 (IP=0.0.0.0:389)
Jan 25 16:33:21 ldap1 slapd[5311]: conn=55 op=0 BIND
dn="cn=lcompton,dc=anisecured,dc=com" method=128
Jan 25 16:33:21 ldap1 slapd[5311]: conn=55 op=0 BIND
dn="cn=lcompton,dc=anisecured,dc=com" mech=SIMPLE ssf=0
Jan 25 16:33:21 ldap1 slapd[5311]: conn=55 op=0 RESULT tag=97 err=0
text=
Jan 25 16:33:21 ldap1 slapd[5311]: conn=55 fd=12 closed
Jan 25 16:33:21 ldap1 slapd[5311]: conn=56 fd=21 ACCEPT from
IP=10.10.10.4:33563 (IP=0.0.0.0:389)
Jan 25 16:33:21 ldap1 slapd[5311]: conn=56 op=0 BIND
dn="cn=msuttle,dc=anisecured,dc=com" method=128
Jan 25 16:33:21 ldap1 slapd[5311]: conn=56 op=0 BIND
dn="cn=msuttle,dc=anisecured,dc=com" mech=SIMPLE ssf=0
Jan 25 16:33:21 ldap1 slapd[5311]: conn=56 op=0 RESULT tag=97 err=0
text=
Jan 25 16:33:21 ldap1 slapd[5311]: connection_input: conn=56 deferring
operation: binding
Jan 25 16:33:21 ldap1 slapd[5311]: conn=56 op=1 SRCH
base="dc=anisecured,dc=com" scope=2 deref=0 filter="(uid=lcompton)"
Jan 25 16:33:21 ldap1 slapd[5311]: conn=56 op=1 SRCH attr=mail
Jan 25 16:33:21 ldap1 slapd[5311]: conn=56 op=1 SEARCH RESULT tag=101
err=0 nentries=1 text=
Jan 25 16:33:21 ldap1 slapd[5311]: conn=56 fd=21 closed
Both systems are running CentOS 4.2 and the same version of OpenLDAP
from the cd's and updated with yum. The new system has the default tls
certs in use. I also have a third centos system I can test from. I
really need help on this one as I am facing a deadline to get the
encryption system up and running.
Any help is appreciated,
Marc