[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: (host) and (uid) not indexed (after creating an account)
- To: "Joshua Schaeffer" <jschaeffer0922@gmail.com>
- Subject: Re: (host) and (uid) not indexed (after creating an account)
- From: "Ralf Mattes" <r.mattes@mh-freiburg.de>
- Date: Wed, 04 Jan 2017 21:07:38 +0100
- Cc: openldap-technical@openldap.org <openldap-technical@openldap.org>, Peng Yu <pengyu.ut@gmail.com>
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/simple; d=mh-freiburg.de; s=mail; t=1483560457; bh=Jdzd42jjWlrFc+bTqoi5i0Q5VwVzG4XYWuVS4+Dejds=; h=in-reply-to:to:from:subject:date:cc:From; b=kErW/c30q57KBNsiQ3Z7Ik8GJSPthZ/oIVgCdbACTPGbZfJU73tQC7s3XFLp396jM +WyIng2fkT14trmy6ZoaVylbjuCNfbY2cj6mN7qDPLpogz5go1y+IgAwWFIsBhPfE1 KTnu1xf1Y/Mik9R38L7RlvxSmX6PYEoHtjQmXX3c=
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/simple; d=mh-freiburg.de; s=mail; t=1483560457; bh=Jdzd42jjWlrFc+bTqoi5i0Q5VwVzG4XYWuVS4+Dejds=; h=in-reply-to:to:from:subject:date:cc:From; b=kErW/c30q57KBNsiQ3Z7Ik8GJSPthZ/oIVgCdbACTPGbZfJU73tQC7s3XFLp396jM +WyIng2fkT14trmy6ZoaVylbjuCNfbY2cj6mN7qDPLpogz5go1y+IgAwWFIsBhPfE1 KTnu1xf1Y/Mik9R38L7RlvxSmX6PYEoHtjQmXX3c=
- In-reply-to: <CAFNRWC6EBb935p9B3RoVTcOJ6itLASH24-skMQO3TskJJK2GRA@mail.gmail.com>
- User-agent: SOGoMail 2.3.17
Am Mittwoch, 04. Januar 2017 19:31 CET, Joshua Schaeffer <jschaeffer0922@gmail.com> schrieb:
> >
> The log here shows a successful BIND.
Hmm, the log
| Jan 2 12:17:22 openldapserver slapd[1082]: conn=2884 op=0 BIND dn="" method=128
shows a successful _anonymous_ bind, that has nothing to do with the authentication.
> The "(host) no indexed" entry is not
> an error, it is simply a message telling you that the "host" attribute is a
> candidate to be indexed for your BDB database. If you want that message to
> go away then add an equality index for host.
Side note: some of the openldap folks would consider the bdb backend a little bit outdated ...
> >
> Were you able to log into this server before changing the password? Do you
> have PAM setup on your client use LDAP as a login source?
The OP didn't tell us what kind of LDAP user authentication he uses. Have you looked at
the search request (that doesn't find anything)? Reformated, for better readability:
(&
(&(|
(host=\2A)
(host=elnath))
(!(host=!elnath)))
(&(|
(host=\2A)
(host=elnath))
(!(host=!elnath)))
(uid=le))
What program/tool did create that filter (note the redundant duplicated subquery. A and A is always A) ?
Since this search fails to find an entry that's the place debugging should start. N.B.: It looks like this query is
used by the athenticator to map the uid to a dn which would be needed for a user bind.
HTH Ralf Mattes