[Date Prev][Date Next] [Chronological] [Thread] [Top]

Issue upgrading openldap-clients from 2.4.19-15 to 2.4.23-20

To: openldap-technical@openldap.org
Subject: Issue upgrading openldap-clients from 2.4.19-15 to 2.4.23-20
From: Esther Garcia <fulletverde@gmail.com>
Date: Wed, 23 May 2012 18:37:51 +0200
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:date:message-id:subject:from:to:content-type; bh=6EZD98wOMeDxdD1KGHosxbG8uF/DUL9FCX8762R6qrQ=; b=PVSI0Dw44jw8DYEvlLZoBwB4Tb6+rkiWGwM8LaBL5rkdC8xJSN+JUDM/VIO4g56sRB ER0ohu0p2XktvJOUJ18n8pXwFesl5DH+OwRyhVmAmrmufiN/8WDHxouFr1PDLdxyVffi 08wiORX6QV3bJ51hdHXFhPczEZMsPo3SgHiUwUT1FMPu0QGeuLt+5rieXTc3c2boWe9w ZU0q8OQrjsb3lNA1Kx8daxIIGjTwUEDVn9i+kum14ycrW6NTRh08L4UBGIoKN2/VGHh+ 7HHdIUf0nphsTW9kgfxkg4dU9F5DDY0zr8iH85rKZNGKC2RqBed+sv9KfGWMF8Kex9Zl 7VfA==

Hi all,

We have an OpenLDAP server (RHEL6) running version 2.4.23-15, and we have clients in RHEL5 and RHEL6.

With clients in RHEL5 works properly but I found some problems with RHEL6 clients in versions newer than 2.4.19-15.

In the clients, if I try to upgrade to new versions than 2.4.19-15 then the client stops working:

[root@XX ~]# rpm -qa | grep openldap

openldap-2.4.19-15.el6.x86_64
openldap-clients-2.4.19-15.el6.x86_64
[root@XX ~]# ldapsearch -x -D 'cn=authenticate, ou=System,dc=test, dc=es' '(objectclass=*)' -W -ZZ

Enter LDAP Password:
# extended LDIF
#
# LDAPv3
......
[root@XX ~]# id esther
uid=63004(esther) gid=50041(test) groups=50041(test)

[root@XX ~]# yum upgrade openldap*
.....
Updating : openldap-2.4.23-20.el6.x86_64 1/4

warning: /etc/openldap/ldap.conf created as /etc/openldap/ldap.conf.rpmnew
Updating : openldap-clients-2.4.23-20.el6.x86_64 2/4

Cleanup : openldap-clients-2.4.19-15.el6.x86_64 3/4

Cleanup : openldap-2.4.19-15.el6.x86_64 4/4

Updated:
openldap.x86_64 0:2.4.23-20.el6 openldap-clients.x86_64 0:2.4.23-20.el6

Complete!

[root@XX ~]# service nslcd restart
Stopping nslcd: [ OK ]

Starting nslcd: [ OK ]
[root@XX ~]# id esther
id: esther: No such user
[root@XX ~]# ldapsearch -x -D 'cn=authenticate, ou=System,dc=test, dc=es' '(objectclass=*)' -W -ZZ

ldap_start_tls: Connect error (-11)

I have the same configuration files that used with the older version. I use these configuration files:

/etc/pam_ldap.conf:
base dc=test,dc=es
binddn cn=authenticate,ou=System,dc=test,dc=es
bindpw XXXX
timelimit 120
bind_timelimit 120
idle_timelimit 3600
pam_lookup_policy yes
pam_password exop
nss_initgroups_ignoreusers root,ldap,named,avahi,haldaemon,dbus,radvd,tomcat,radiusd,news,mailman,nscd,gdm

ssl start_tls
uri ldap://ldap1-test ldap://ldap2-test
tls_cacertdir /etc/openldap/cacerts
pam_password md5

/etc/nslcd.conf

uid nslcd
gid ldap
uri ldap://ldap1-test ldap://ldap2-test
base dc=test,dc=es
binddn cn=authenticate,ou=System,dc=test,dc=es

bindpw XXXX
ssl start_tls
tls_cacertdir /etc/openldap/cacerts
timelimit 120
bind_timelimit 120
idle_timelimit 3600

/etc/openldap/ldap.conf:
URI ldap://ldap1-test/ ldap://ldap2-test/
BASE dc=test,dc=es
TLS_CACERT /etc/openldap/cacerts/catest.crt

CAcert file:

[root@XX ~]# ls -l /etc/openldap/cacerts/catest.crt
-rw-r--r--. 1 root root 1655 May 23 15:23 /etc/openldap/cacerts/catest.crt

Any idea on what the issue is? Am I missing anything?

Thanks in advance,

Esther

Follow-Ups:
- Re: Issue upgrading openldap-clients from 2.4.19-15 to 2.4.23-20
  - From: Rich Megginson <rich.megginson@gmail.com>

Prev by Date: Re: Memory leak in 2.4.31 w/ hdb and MMR?
Next by Date: Re: Memory leak in 2.4.31 w/ hdb and MMR?
Index(es):
- Chronological
- Thread