[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Logging bind password
----- "Alfonsas Stonis" <alfonsasstonis@gmail.com> wrote:
> Hi,
>
> Is there any way to log password that was used during bind?
> I tried adding option
> loglevel 18446744073709551615
where did you find that documented? Since the log level is a mask, I doubt adding digits can help to any extent.
> and many other options. Nothing helps. I get the following output
> (without password)
>
> Oct 14 10:56:47 dr slapd[28331]: daemon: read activity on 12
> Oct 14 10:56:47 dr slapd[28331]: connection_get(12)
> Oct 14 10:56:47 dr slapd[28331]: connection_get(12): got connid=2
> Oct 14 10:56:47 dr slapd[28331]: connection_read(12): checking for
> input on id=2
> Oct 14 10:56:47 dr slapd[28331]: ber_get_next on fd 12 failed
> errno=11
> (Resource temporarily unavailable)
> Oct 14 10:56:47 dr slapd[28331]: daemon: select: listen=6
> active_threads=0 tvp=NULL
> Oct 14 10:56:47 dr slapd[28331]: daemon: select: listen=7
> active_threads=0 tvp=NULL
> Oct 14 10:56:47 dr slapd[28331]: do_bind
> Oct 14 10:56:47 dr slapd[28331]: >>> dnPrettyNormal:
> <cn=jbaker007,ou=users,o=arhub>
> Oct 14 10:56:47 dr slapd[28331]: <<< dnPrettyNormal:
> <cn=jbaker007,ou=users,o=arhub>, <cn=jbaker007,ou=users,o=arhub>
> Oct 14 10:56:47 dr slapd[28331]: do_bind: version=3
> dn="cn=jbaker007,ou=users,o=arhub" method=128
> Oct 14 10:56:47 dr slapd[28331]: conn=2 op=0 BIND
> dn="cn=jbaker007,ou=users,o=arhub" method=128
> Oct 14 10:56:47 dr slapd[28331]: ==> bdb_bind: dn:
> cn=jbaker007,ou=users,o=arhub
> Oct 14 10:56:47 dr slapd[28331]:
> bdb_dn2entry("cn=jbaker007,ou=users,o=arhub")
> Oct 14 10:56:47 dr slapd[28331]: => access_allowed: auth access to
> "cn=jbaker007,ou=users,o=arhub" "userPassword" requested
> Oct 14 10:56:47 dr slapd[28331]: => acl_get: [1] attr userPassword
> Oct 14 10:56:47 dr slapd[28331]: => acl_mask: access to entry
> "cn=jbaker007,ou=users,o=arhub", attr "userPassword" requested
> Oct 14 10:56:47 dr slapd[28331]: => acl_mask: to all values by "",
> (=n)
> Oct 14 10:56:47 dr slapd[28331]: <= check a_dn_pat: ou=rba,o=arhub
> Oct 14 10:56:47 dr slapd[28331]: <= check a_dn_pat: self
> Oct 14 10:56:47 dr slapd[28331]: <= check a_dn_pat: *
> Oct 14 10:56:47 dr slapd[28331]: <= acl_mask: [3] applying auth(=x)
> (stop)
> Oct 14 10:56:47 dr slapd[28331]: <= acl_mask: [3] mask: auth(=x)
> Oct 14 10:56:47 dr slapd[28331]: => access_allowed: auth access
> granted by auth(=x)
> Oct 14 10:56:47 dr slapd[28331]: send_ldap_result: conn=2 op=0 p=3
> Oct 14 10:56:47 dr slapd[28331]: send_ldap_result: err=49 matched=""
> text=""
> Oct 14 10:56:47 dr slapd[28331]: send_ldap_response: msgid=1 tag=97
> err=49
> Oct 14 10:56:47 dr slapd[28331]: conn=2 op=0 RESULT tag=97 err=49
> text=
> Oct 14 10:56:47 dr slapd[28331]: daemon: activity on 1 descriptors
> Oct 14 10:56:47 dr slapd[28331]: daemon: activity on:
>
> The problem is that I know that I have correct password but ldap
> keeps
> rejecting it. So, I need to test maybe application is somehow
> changing
> it, but I can not see it.
> Can someone help me?
Try "packets"; you'll get something like
slapd starting
ldap_read: want=8, got=8
0000: 30 2e 02 01 01 60 29 02 0....`).
ldap_read: want=40, got=40
0000: 01 03 04 1c 63 6e 3d 6d 61 6e 61 67 65 72 2c 64 ....cn=manager,d
0010: 63 3d 65 78 61 6d 70 6c 65 2c 64 63 3d 63 6f 6d c=example,dc=com
0020: 80 06 73 65 63 72 65 74 ..secret
ldap_read: want=8 error=Resource temporarily unavailable
p.
Ing. Pierangelo Masarati
OpenLDAP Core Team
SysNet s.r.l.
via Dossi, 8 - 27100 Pavia - ITALIA
http://www.sys-net.it
-----------------------------------
Office: +39 02 23998309
Mobile: +39 333 4963172
Fax: +39 0382 476497
Email: ando@sys-net.it
-----------------------------------