[Date Prev][Date Next] [Chronological] [Thread] [Top]

repost: what makes client use mech=SIMPLE?

Hi,

I asked this before, but appearently no one took notice - or no one knows :(

I have many ubuntu 8.04 clients which all work fine with my ldap server.
I am now trying to connect a 10.04 client to the server - but login fails - and the only difference in output (in the debug file on the server) is the mech=SIMPLE line in the client that works. 

The one that works:
Aug 4 10:21:36 ldap01 slapd[3077]: conn=1439319 op=1 SEARCH RESULT tag=101 err=0 nentries=1 text= Aug 4 10:21:36 ldap01 slapd[3077]: conn=1439319 op=2 BIND anonymous mech=implicit ssf=0 Aug 4 10:21:36 ldap01 slapd[3077]: conn=1439319 op=2 BIND dn="cn=Klavs Klavsen,ou=People,dc=example,dc=net" method=128 Aug 4 10:21:36 ldap01 slapd[3077]: conn=1439319 op=2 BIND dn="cn=Klavs Klavsen,ou=People,dc=example,dc=net" mech=SIMPLE ssf=0 Aug 4 10:21:36 ldap01 slapd[3077]: conn=1439319 op=2 RESULT tag=97 err=0 text= 

The one that fails:
Aug 4 10:19:20 ldap01 slapd[3077]: conn=1439273 op=1 SEARCH RESULT tag=101 err=0 nentries=1 text= Aug 4 10:19:20 ldap01 slapd[3077]: conn=1439273 op=2 BIND anonymous mech=implicit ssf=0 Aug 4 10:19:20 ldap01 slapd[3077]: conn=1439273 op=2 BIND dn="cn=Klavs Klavsen,ou=People,dc=example,dc=net" method=128 Aug 4 10:19:20 ldap01 slapd[3077]: conn=1439273 op=2 RESULT tag=97 err=49 text=
Any idea what makes the client try binding with mech=SIMPLE? or perhaps a hint as to why the first "method=128" doesn't work? 

I hope you have ideas :)
As to what I could find in the documentation method=128 (which they both use first) means SIMPLE-auth - so it "should" be the same they are doing.. obviously not - and "annoyingly" it's run over ldaps - so it's a bit harder to sniff :( 

Thank you in advance

--
Regards,
Klavs Klavsen, GSEC - kl@vsen.dk - http://www.vsen.dk

"Those who do not understand Unix are condemned to reinvent it, poorly."
  --Henry Spencer