[Date Prev][Date Next] [Chronological] [Thread] [Top]

Net::LDAPapi syncrepl working only intermittently in 2.4.42

To: openldap-technical@openldap.org
Subject: Net::LDAPapi syncrepl working only intermittently in 2.4.42
From: Nat Sincheler <fai1107@macrotex.net>
Date: Wed, 9 Sep 2015 10:53:00 -0700
User-agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:38.0) Gecko/20100101 Thunderbird/38.2.0

I have Perl script that implements a syncrepl listener using thelisten_for_changes method from Net::LDAPapi (3.0.3). The listener workswell with OpenLDAP 2.4.40 but I am having trouble getting it to workconsistently with 2.4.42.


The code looks something like this:

# $LDAP is bound using GSSAPI

my $msgid = $LDAP->listen_for_changes(
  -basedn  => "cn=accesslog",
  -scope   => LDAP_SCOPE_SUBTREE,
  -filter  => "objectclass=*",
  -cookie  => "/var/run/sync.cookie");

while (1) {
  my @entries;
  while (@entries = $LDAP->next_changed_entries($msgid, 0, -1))) {
  ...
}

Most of the time (but not _all_ of the time) the listener fails to pickup any entries from the accesslog and I see these messages in my logs:

2015-09-09T08:32:20.926931-07:00 ldap-jessie0 slapd[631]: conn=1161 op=4SEARCH RESULT tag=101 err=2 nentries=0 text=Sync control : mode decodingerror2015-09-09T08:32:20.927211-07:00 ldap-jessie0 slapd[631]: conn=1161 op=4do_search: get_ctrls failed


(Fuller log output included below).

I know that the credentials can read the access log as I run a simplesearch against cn=accesslog before the list_for_changes just to be surethe issue is not related to my credentials.

What does "Sync control : mode decoding error" mean? Any suggestions onnext steps for troubleshooting?





####################################################################

2015-09-09T08:32:20.902032-07:00 ldap-jessie0 slapd[631]: conn=1161fd=14 ACCEPT from IP=171.67.214.66:39646 (IP=0.0.0.0:389)2015-09-09T08:32:20.902108-07:00 ldap-jessie0 slapd[631]: conn=1161 op=0SRCH base="" scope=0 deref=0 filter="(objectClass=*)"2015-09-09T08:32:20.902207-07:00 ldap-jessie0 slapd[631]: conn=1161 op=0SRCH attr=supportedSASLMechanisms2015-09-09T08:32:20.902262-07:00 ldap-jessie0 slapd[631]: conn=1161 op=0SEARCH RESULT tag=101 err=0 nentries=1 text=2015-09-09T08:32:20.910842-07:00 ldap-jessie0 slapd[631]: conn=1161 op=1BIND dn="" method=1632015-09-09T08:32:20.914261-07:00 ldap-jessie0 slapd[631]: conn=1161 op=1RESULT tag=97 err=14 text=SASL(0): successful result: mech EXTERNAL istoo weak2015-09-09T08:32:20.917754-07:00 ldap-jessie0 slapd[631]: conn=1161 op=2BIND dn="" method=1632015-09-09T08:32:20.917798-07:00 ldap-jessie0 slapd[631]: conn=1161 op=2RESULT tag=97 err=14 text=SASL(0): successful result: mech EXTERNAL istoo weak2015-09-09T08:32:20.918060-07:00 ldap-jessie0 slapd[631]: conn=1161 op=3BIND dn="" method=1632015-09-09T08:32:20.918102-07:00 ldap-jessie0 slapd[631]: conn=1161 op=3BIND authcid="service/ldap-jessie0@stanford.edu"authzid="service/ldap-jessie0@stanford.edu"2015-09-09T08:32:20.918188-07:00 ldap-jessie0 slapd[631]: conn=1161 op=3BIND dn="cn=ldap-jessie0,cn=service,cn=applications,dc=stanford,dc=edu"mech=GSSAPI sasl_ssf=56 ssf=562015-09-09T08:32:20.918240-07:00 ldap-jessie0 slapd[631]: conn=1161 op=3RESULT tag=97 err=0 text=2015-09-09T08:32:20.926931-07:00 ldap-jessie0 slapd[631]: conn=1161 op=4SEARCH RESULT tag=101 err=2 nentries=0 text=Sync control : mode decodingerror2015-09-09T08:32:20.927211-07:00 ldap-jessie0 slapd[631]: conn=1161 op=4do_search: get_ctrls failed

Follow-Ups:
- Re: Net::LDAPapi syncrepl working only intermittently in 2.4.42
  - From: Aaron Richton <richton@nbcs.rutgers.edu>

Prev by Date: Re: Building OpenLDAP for Windows
Next by Date: ldapsearch getting attribute list in specific order
Index(es):
- Chronological
- Thread