openldap-bugs February 2013

openldap-bugs@openldap.org

22 participants
48 discussions

Re: (ITS#7503) slapcat: retry a few times when retrieving an entry
by balint＠balintreczey.hu 07 Feb '13

07 Feb '13

Hi Howard, Thank you! I have updated the Debian bug report [1]. Cheers, Balint [1]: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=673038 2013/2/7 Howard Chu <hyc(a)symas.com>: > I've committed an alternate fix for this to git master, filed against > ITS#6365. Please test and let us know your results, thanks. > The patch is in commit 853b9d1335d27e280751e9cfb8ca6b5356ffec73 > > -- > -- Howard Chu > CTO, Symas Corp. http://www.symas.com > Director, Highland Sun http://highlandsun.com/hyc/ > Chief Architect, OpenLDAP http://www.openldap.org/project/

1 0

Re: (ITS#7503) slapcat: retry a few times when retrieving an entry
by hyc＠symas.com 07 Feb '13

07 Feb '13

I've committed an alternate fix for this to git master, filed against ITS#6365. Please test and let us know your results, thanks. The patch is in commit 853b9d1335d27e280751e9cfb8ca6b5356ffec73 -- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/

1 0

Re: (ITS#7521) Passwords with either a comma or period don't authenticate against AD LDAP
by hyc＠symas.com 06 Feb '13

06 Feb '13

quanah(a)zimbra.com wrote: > --On Wednesday, February 06, 2013 6:33 PM +0000 TCera(a)sjrwmd.com wrote: > >> --_000_EE54DB3B9E0D63489B0845CE62912E8C3BAD846ABY2PRD0511MB441_ >> Content-Type: text/plain; charset="us-ascii" >> Content-Transfer-Encoding: quoted-printable >> >> xwiki uses jldap. >> >> http://www.openldap.org/jldap/ > > JLDAP is written in java, and does not use the OpenLDAP C libraries. If > you are going to use Java, I highly recommend you look at the unboundID SDK. > > I would also note that PHP's LDAP Support is known to be utterly broken. > There is no indication anywhere here in your report that indicates a bug > with the OpenLDAP software. If he could reproduce the issue using OpenLDAP's command line tools, there would be reason to suspect libldap. But no such problem occurs for me using e.g. ldapsearch. Closing this ITS. -- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/

1 0

Re: (ITS#7521) Passwords with either a comma or period don't authenticate against AD LDAP
by quanah＠zimbra.com 06 Feb '13

06 Feb '13

--On Wednesday, February 06, 2013 6:33 PM +0000 TCera(a)sjrwmd.com wrote: > --_000_EE54DB3B9E0D63489B0845CE62912E8C3BAD846ABY2PRD0511MB441_ > Content-Type: text/plain; charset="us-ascii" > Content-Transfer-Encoding: quoted-printable > > xwiki uses jldap. > > http://www.openldap.org/jldap/ JLDAP is written in java, and does not use the OpenLDAP C libraries. If you are going to use Java, I highly recommend you look at the unboundID SDK. I would also note that PHP's LDAP Support is known to be utterly broken. There is no indication anywhere here in your report that indicates a bug with the OpenLDAP software. --Quanah -- Quanah Gibson-Mount Sr. Member of Technical Staff Zimbra, Inc A Division of VMware, Inc. -------------------- Zimbra :: the leader in open source messaging and collaboration

1 0

Re: (ITS#7521) Passwords with either a comma or period don't authenticate against AD LDAP
by TCera＠sjrwmd.com 06 Feb '13

06 Feb '13

--_000_EE54DB3B9E0D63489B0845CE62912E8C3BAD846ABY2PRD0511MB441_ Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable xwiki uses jldap. http://www.openldap.org/jldap/ Without delving deeper, I don't know whether jldap uses openldap libraries = or not. I thought that it might since it was an openldap project. Though = if jldap and openldap are different enough then this issue points to a prob= lem then with Active Directory. On the other hand, Windows login, email, .= ..etc. were unaffected by the comma and period in the password. Regardless - take the comma and period out of my password, both tikiwiki an= d xwiki work. --_000_EE54DB3B9E0D63489B0845CE62912E8C3BAD846ABY2PRD0511MB441_ Content-Type: text/html; charset="us-ascii" Content-Transfer-Encoding: quoted-printable <html xmlns:v=3D"urn:schemas-microsoft-com:vml" xmlns:o=3D"urn:schemas-micr= osoft-com:office:office" xmlns:w=3D"urn:schemas-microsoft-com:office:word" = xmlns:m=3D"http://schemas.microsoft.com/office/2004/12/omml" xmlns=3D"http:= //www.w3.org/TR/REC-html40"> <head> <meta http-equiv=3D"Content-Type" content=3D"text/html; charset=3Dus-ascii"= > <meta name=3D"Generator" content=3D"Microsoft Word 12 (filtered medium)"> <style>  </style> </head> <body lang=3D"EN-US" link=3D"blue" vlink=3D"purple"> <div class=3D"WordSection1"> <p class=3D"MsoNormal">xwiki uses jldap.<o:p></o:p></p> <p class=3D"MsoNormal"><o:p> </o:p></p> <p class=3D"MsoNormal">http://www.openldap.org/jldap/<o:p></o:p></p> <p class=3D"MsoNormal"><o:p> </o:p></p> <p class=3D"MsoNormal">Without delving deeper, I don't know whether jldap u= ses openldap libraries or not.  I thought that it might since it was a= n openldap project.  Though if jldap and openldap are different enough= then this issue points to a problem then with Active Directory.  On the other hand, Windows login, email, …et= c. were unaffected by the comma and period in the password.  <o:p></o:p></p> <p class=3D"MsoNormal"><o:p> </o:p></p> <p class=3D"MsoNormal">Regardless - take the comma and period out of my pas= sword, both tikiwiki and xwiki work. <o:p></o:p></p> </div> </body> </html> --_000_EE54DB3B9E0D63489B0845CE62912E8C3BAD846ABY2PRD0511MB441_--

1 0

Re: (ITS#7521) Passwords with either a comma or period don't authenticate against AD LDAP
by quanah＠zimbra.com 06 Feb '13

06 Feb '13

--On Wednesday, February 06, 2013 12:50 PM +0000 tim(a)cerazone.net wrote: > Full_Name: Tim Cera > Version: 2.4.23-26.el6_3.2 > OS: CentOS > URL: ftp://ftp.openldap.org/incoming/ > Submission from: (NULL) (74.252.34.1) > > > Currently using tikiwki (PHP) with LDAP authentication, and began > experimenting with xwiki (Java) also with LDAP authentication. Both > against an Active Directory server. With both systems you cannot > authenticate a password with either a comma or a period, so suspect it is > the underlying OpenLDAP libraries. The test password had both a comma > and period, and the account is locked right now so I can't easily test > which one or both are required to activate the bug. I would suspect you are incorrect if you are having this problem with a Java program, since Java would not be linked to the OpenLDAP C libraries. --Quanah -- Quanah Gibson-Mount Sr. Member of Technical Staff Zimbra, Inc A Division of VMware, Inc. -------------------- Zimbra :: the leader in open source messaging and collaboration

1 0

(ITS#7521) Passwords with either a comma or period don't authenticate against AD LDAP
by tim＠cerazone.net 06 Feb '13

06 Feb '13

Full_Name: Tim Cera Version: 2.4.23-26.el6_3.2 OS: CentOS URL: ftp://ftp.openldap.org/incoming/ Submission from: (NULL) (74.252.34.1) Currently using tikiwki (PHP) with LDAP authentication, and began experimenting with xwiki (Java) also with LDAP authentication. Both against an Active Directory server. With both systems you cannot authenticate a password with either a comma or a period, so suspect it is the underlying OpenLDAP libraries. The test password had both a comma and period, and the account is locked right now so I can't easily test which one or both are required to activate the bug. I did try looking for this bug suspecting that it would have been reported, and didn't find it. Hope this isn't a duplicate.

1 0

Re: (ITS#7520) back-ldap omit-unknown-schema
by tedcheng＠symas.com 05 Feb '13

05 Feb '13

Please find the patch at: https://dl.dropbox.com/u/94235048/back_ldap_omit_unknown_schema.patch The attached file is derived from OpenLDAP Software. By virtue of my employment agreement with Symas Corporation, I have assigned my rights and interest to Symas Corporation. Symas Corporation has not assigned rights and/or interest to any party. I, Ted C. Cheng, am authorized by Symas Corporation, my employer, to release this work under the following terms. Symas Corporation hereby place the following modifications to OpenLDAP Software (and only these modifications) into the public domain. Hence, these modifications may be freely used and/or redistributed for any purpose with or without attribution and/or other notice. Ted C. Cheng Symas Corporation

1 0

(ITS#7520) back-ldap omit-unknown-schema
by tedcheng＠symas.com 05 Feb '13

05 Feb '13

Full_Name: Ted C. Cheng Version: HEAD OS: Linux/Solaris URL: ftp://ftp.openldap.org/incoming/ Submission from: (NULL) (76.174.253.197) This patch allows back-ldap to ignore unknown schema defined by a remote (foreign) LDAP server. Clients do not need to handle schema that are not local to the slapd server.

1 0

Re: (ITS#7518) nssov sync'ed up with nss_pam_ldapd.0.8.11
by tedcheng＠symas.com 05 Feb '13

05 Feb '13

The attached file is derived from OpenLDAP Software. By virtue of my employment agreement with Symas Corporation, I have assigned my rights and interest to Symas Corp. Symas Corporation has not assigned rights and/or interest to any party. I, Ted C. Cheng, am authorized by Symas Corporation, my employer, to release this work under the following terms. Symas Corporation hereby place the following modifications to OpenLDAP Software (and only these modifications) into the public domain. Hence, these modifications may be freely used and/or redistributed for any purpose with or without attribution and/or other notice. Ted C. Cheng Symas Corporation On Feb 4, 2013, at 5:01 PM, openldap-its(a)OpenLDAP.org wrote: > > *** THIS IS AN AUTOMATICALLY GENERATED REPLY *** > > Thanks for your report to the OpenLDAP Issue Tracking System. Your > report has been assigned the tracking number ITS#7518. > > One of our support engineers will look at your report in due course. > Note that this may take some time because our support engineers > are volunteers. They only work on OpenLDAP when they have spare > time. > > If you need to provide additional information in regards to your > issue report, you may do so by replying to this message. Note that > any mail sent to openldap-its(a)openldap.org with (ITS#7518) > in the subject will automatically be attached to the issue report. > > mailto:openldap-its@openldap.org?subject=(ITS#7518) > > You may follow the progress of this report by loading the following > URL in a web browser: > http://www.OpenLDAP.org/its/index.cgi?findid=7518 > > Please remember to retain your issue tracking number (ITS#7518) > on any further messages you send to us regarding this report. If > you don't then you'll just waste our time and yours because we > won't be able to properly track the report. > > Please note that the Issue Tracking System is not intended to > be used to seek help in the proper use of OpenLDAP Software. > Such requests will be closed. > > OpenLDAP Software is user supported. > http://www.OpenLDAP.org/support/ > > -------------- > Copyright 1998-2007 The OpenLDAP Foundation, All Rights Reserved. >

1 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

openldap-bugs February 2013