> That's all very interesting, but you haven't provided the standard
> items needed in a crash report - a stack trace from the crash,
Yes I have, but later than your reply on the ITS site.
> and the actual client command that caused the crash. Also, the slapd
> configuration, plus any relevant schema if you've used any custom
> schema in relation to this failing command.
Other details:
Command:
ldapsearch2.4 -x -D "cn=admin,dc=billy,dc=demon,dc=nl" -w secret
'facsimileTelephoneNumber=+4753491111' facsimile TelephoneNumber
slapd.conf:
1386 [root:tru.leerlingen] /etc/openldap2.4 # grep '^[^#]' slapd.conf
include /etc/openldap2.4/schema/core.schema
include /etc/openldap2.4/schema/cosine.schema
include /etc/openldap2.4/schema/corba.schema
include /etc/openldap2.4/schema/inetorgperson.schema
include /etc/openldap2.4/schema/java.schema
include /etc/openldap2.4/schema/krb5-kdc.schema
include /etc/openldap2.4/schema/kerberosobject.schema
include /etc/openldap2.4/schema/misc.schema
include /etc/openldap2.4/schema/nis.schema
include /etc/openldap2.4/schema/nitrobit-ads.schema
include /etc/openldap2.4/schema/openldap.schema
include /etc/openldap2.4/schema/samba.schema
include /etc/openldap2.4/schema/evolutionperson.schema
include /etc/openldap2.4/schema/calendar.schema
include /etc/openldap2.4/schema/qmail.schema
include /etc/openldap2.4/schema/authldap.schema
include /etc/openldap2.4/schema/dhcp.schema
include /etc/openldap2.4/schema/pykota.schema
include /etc/openldap2.4/schema/ppolicy.schema
include /etc/openldap2.4/schema/DUAConfigProfile.schema
include /etc/openldap2.4/schema/local.schema
pidfile /var/run/ldap2.4/slapd.pid
argsfile /var/run/ldap2.4/slapd.args
allow bind_v2
password-hash {CLEARTEXT}
TLSCACertificateFile /etc/certs/CA/CA.pem
TLSCertificateFile /etc/certs/slapd/servercert.pem
TLSCertificateKeyFile /etc/certs/slapd/serverkey.pem
TLSVerifyClient never
sasl-authz-policy to
authz-regexp uid=(.*),cn=digest-md5,cn=auth
"ldap:///dc=billy,dc=demon,dc=nl??sub?uid=$1"
authz-regexp uid=(.*),cn=cram-md5,cn=auth
"ldap:///dc=billy,dc=demon,dc=nl??sub?uid=$1"
include /etc/openldap2.4/slapd.access
modulepath /usr/lib/openldap2.4
moduleload back_ldap.la
moduleload back_monitor.la
moduleload accesslog.la
moduleload ppolicy.so
moduleload smbk5pwd.so
plugin preoperation libaddrdnvalues-plugin.so addrdnvalues_preop_init
backend monitor
database monitor
database config
rootdn "cn=admin,dc=billy,dc=demon,dc=nl"
database bdb
suffix "dc=billy,dc=demon,dc=nl"
directory /var/lib/ldap2.4/
rootdn "cn=admin,dc=billy,dc=demon,dc=nl"
rootpw kopjekoffie
overlay ppolicy
ppolicy_default "cn=Standard,ou=Policies,dc=billy,dc=demon,dc=nl"
ppolicy_use_lockout
overlay smbk5pwd
cachesize 1000
checkpoint 250 240
loglevel stats
dbconfig set_cachesize 0 10240000 1
dbconfig set_lg_regionmax 2048000
dbconfig set_lg_bsize 2048000
dbconfig set_lk_max_locks 2000
dbconfig set_lk_max_lockers 2000
dbconfig set_lk_max_objects 2000
index entryCSN,entryUUID eq
include /etc/openldap2.4/indices.conf
indices.conf:
1385 [root:tru.leerlingen] /etc/openldap2.4 # grep '^[^#]' indices.conf
index accountstatus pres,eq
index anniversary pres,eq
index assistantName pres,eq
index assistantPhone pres,eq
index birthDate pres,eq
index businessRole pres,eq
index calCalURI pres,eq
index calFBURL pres,eq
index callbackPhone pres,eq
index carPhone pres,eq
index category pres,eq
index cn pres,eq,sub
index companyPhone pres,eq
index description pres,eq,sub
index destinationIndicator pres,eq,sub
index dhcpClassData pres,eq
index dhcpHWAddress pres,eq
index dhcpPrimaryDN pres,eq
index dhcpRange pres,eq
index displayName pres,eq,sub
index fileAs pres,eq,sub
index filtermember pres,eq,sub
index gidNumber pres,eq
index givenName pres,eq
index homePhone pres,eq
index homePostalAddress pres
index krb5PrincipalName eq
index labeledURI pres,eq
index mail pres,eq,sub
index mailer pres,eq
index maillocaladdress pres,eq
index mailroutingaddress pres,eq
index mailsource pres,eq
index managerName pres,eq
index memberuid pres,eq
index mobile pres,eq
index note pres,eq
index o pres,eq
index objectClass pres,eq
index otherPhone pres,eq
index otherPostalAddress pres
index ou pres,eq
index pager pres,eq
index postalAddress pres
index primaryPhone pres,eq
index pykotaUserName pres,eq,sub
index pykotaGroupName pres,eq,sub
index pykotaPrinterName pres,eq,sub
index pykotaBillingCode pres,eq,sub
index pykotaLastJobIdent eq
index quota pres,eq
index radio pres,eq
index rfc822mailmember pres,eq
index roomNumber pres,eq
index sn pres,eq,sub
index spouseName pres,eq
index telephoneNumber pres,eq
index facsimileTelephoneNumber pres
index telex pres,eq
index title pres,eq
index tty pres,eq
index uid pres,eq
index uidNumber pres,eq
index uniqueMember pres
index userPassword pres,eq
index sambaAcctFlags pres,eq
index sambaAlgorithmicRidBase pres,eq
index sambaDomainName pres,eq
index sambaGroupType pres,eq
index sambaHomeDrive pres,eq
index sambaHomePath pres,eq
index sambaKickoffTime pres,eq
index sambaLMPassword pres,eq
index sambaLogoffTime pres,eq
index sambaLogonScript pres,eq
index sambaLogonTime pres,eq
index sambaNextGroupRid pres,eq
index sambaNextRid pres,eq
index sambaNextUserRid pres,eq
index sambaNTPassword pres,eq
index sambaPrimaryGroupSID pres,eq
index sambaProfilePath pres,eq
index sambaPwdCanChange pres,eq
index sambaPwdLastSet pres,eq
index sambaPwdMustChange pres,eq
index sambaSID pres,eq,sub
index sambaUserWorkstations pres,eq
slapd.access:
1388 [root:tru.leerlingen] /etc/openldap2.4 # grep '^[^#]' slapd.access
access to dn="cn=config"
by dn=cn=admin,dc=billy,dc=demon,dc=nl write
by * none
access to dn.subtree="cn=config"
by dn=cn=admin,dc=billy,dc=demon,dc=nl write
by * none
access to dn.subtree="cn=monitor"
by dn.exact=cn=admin,dc=billy,dc=demon,dc=nl write
by * read
access to dn.subtree=dc=billy,dc=demon,dc=nl
attrs=userPassword,sambaLMPassword,sambaNTPassword,accountStatus
by dn=cn=admin,dc=billy,dc=demon,dc=nl write
by
group=cn=peoplemanagers,cn=katter,ou=groups,dc=billy,dc=demon,dc=nl write
by self write
by * auth
access to dn.subtree=dc=billy,dc=demon,dc=nl
attrs=registeredAddress,street,postalCode,postalAddress,localityName,homePhone
attrs=mail,mobile,birthDate
by dn=cn=admin,dc=billy,dc=demon,dc=nl write
by
group=cn=peoplemanagers,cn=katter,ou=groups,dc=billy,dc=demon,dc=nl write
by self write
access to dn.subtree=ou=contacts,dc=billy,dc=demon,dc=nl
by dn=cn=admin,dc=billy,dc=demon,dc=nl write
by
group=cn=peoplemanagers,cn=katter,ou=groups,dc=billy,dc=demon,dc=nl write
by * read
access to dn.subtree=ou=pykota,dc=billy,dc=demon,dc=nl
by dn=cn=admin,dc=billy,dc=demon,dc=nl write
by dn=cn=pykotaadmin,ou=pykota,dc=billy,dc=demon,dc=nl write
by dn=cn=pykotauser,ou=pykota,dc=billy,dc=demon,dc=nl read
by * none
access to dn.subtree=dc=billy,dc=demon,dc=nl
attrs=pykotaLimitBy,pykotaUserName,pykotaOverCharge,pykotaLifeTimePaid,pykotaBalance,pykotaLifeTimePaid,pykotaPayments
by dn=cn=admin,dc=billy,dc=demon,dc=nl write
by dn=cn=pykotaadmin,ou=pykota,dc=billy,dc=demon,dc=nl write
by dn=cn=pykotauser,ou=pykota,dc=billy,dc=demon,dc=nl read
by * none
access to dn=cn=admin,dc=billy,dc=demon,dc=nl
by dn=cn=admin,dc=billy,dc=demon,dc=nl write
by dn=cn=pykotaadmin,ou=pykota,dc=billy,dc=demon,dc=nl write
by * search
access to dn.subtree=dc=billy,dc=demon,dc=nl
attrs=postalAddress,title,fileAs,telephoneNumber,description,homePhone,mobile,birthDate,mail
attrs=accountstatus,confirmtext,maildrop,mailbox,mailMessageStore,homepostaladdress
attrs=shadowLastChange,shadowMin,shadowMax,shadowWarning,shadowInactive,shadowFlag,shadowExpire
attrs=sambaPwdCanChange,sambaPwdMustChange,sambaAcctFlags,sambaPwdLastSet
attrs=sambaSID,sambaPrimaryGroupSID,sambaPasswordHistory,sambaKickoffTime
attrs=sambaPwdMustChange,sambaAcctFlags,sambaPasswordHistory,sambaKickoffTime,sambaLogonHours
attrs=sambaPwdCanChange,sambaPwdLastSet,sambaSID,sambaPrimaryGroupSID,sambaBadPasswordCount,sambaBadPasswordTime
attrs=sambaLogonHours,sambaLogonScript,sambaHomeDrive,sambaDomainName
attrs=mailhost,quota,member
by dn=cn=admin,dc=billy,dc=demon,dc=nl write
by dn=cn=pykotaadmin,ou=pykota,dc=billy,dc=demon,dc=nl write
by
group=cn=peoplemanagers,cn=katter,ou=groups,dc=billy,dc=demon,dc=nl write
by self write
by * none
access to dn.base=cn=tru.leerlingen,dc=billy,dc=demon,dc=nl
by dn=cn=admin,dc=billy,dc=demon,dc=nl write
by dn=cn=pykotaadmin,ou=pykota,dc=billy,dc=demon,dc=nl write
by
group=cn=peoplemanagers,cn=katter,ou=groups,dc=billy,dc=demon,dc=nl write
by * none
access to dn.subtree=cn=System,dc=billy,dc=demon,dc=nl
by dn=cn=admin,dc=billy,dc=demon,dc=nl write
by
group=cn=peoplemanagers,cn=katter,ou=groups,dc=billy,dc=demon,dc=nl write
by * none
access to dn.subtree=ou=mailaliases,ou=groups,dc=billy,dc=demon,dc=nl
by dn=cn=admin,dc=billy,dc=demon,dc=nl write
by
group=cn=peoplemanagers,cn=katter,ou=groups,dc=billy,dc=demon,dc=nl write
by * read
access to dn.subtree=""
by dn=cn=admin,dc=billy,dc=demon,dc=nl write
by * read
access to dn.subtree="dc=billy,dc=demon,dc=nl"
by * read
Relevant schema: core.schema
--Tonni
--
Tony Earnshaw
Email: tonni at hetnet dot nl