openldap-bugs

openldap-bugs@openldap.org

1 participants
20967 discussions

Re: (ITS#8465) ldapsearch & slapcat : different output
by quanah＠symas.com 17 Mar '17

17 Mar '17

--On Friday, July 15, 2016 4:15 PM +0000 norbert.massa(a)yopmail.com wrote: > Full_Name: Norbert MASSA > Version: 2.4.40 > OS: CentOS 7.1 > URL: ftp://ftp.openldap.org/incoming/ > Submission from: (NULL) (62.240.254.57) Hi Norbert, There's virtually nothing to go on in this bug report. I.e. no configuration information, etc. What backend were you using (bdb? hdb? mdb?) etc. I'd also note that the ldapsearch you provided would not give a complete backup (It's missing dumps of the operational attributes). --Quanah -- Quanah Gibson-Mount Product Architect Symas Corporation Packaged, certified, and supported LDAP solutions powered by OpenLDAP: <http://www.symas.com>

1 0

Re: (ITS#8470) LastBind Module Issue
by quanah＠symas.com 17 Mar '17

17 Mar '17

--On Thursday, July 28, 2016 12:59 PM +0000 avijeett007(a)gmail.com wrote: Hello, This does not sound like a report for a bug in the OpenLDAP Software. OpenLDAP does not distribute startup scripts. I would suggest following up with your OS provider, since running slapd manually works as expected. Regards, Quanah -- Quanah Gibson-Mount Product Architect Symas Corporation Packaged, certified, and supported LDAP solutions powered by OpenLDAP: <http://www.symas.com>

1 0

Re: (ITS#8477) OpenLDAP.org has a broken TLS certificate
by quanah＠symas.com 17 Mar '17

17 Mar '17

--On Thursday, August 11, 2016 5:53 AM +0000 demiobenour(a)gmail.com wrote: > Also, why the self-signed certificate at all? ??Let's Encrypt is > providing free certificates. This should now be fixed. --Quanah -- Quanah Gibson-Mount Product Architect Symas Corporation Packaged, certified, and supported LDAP solutions powered by OpenLDAP: <http://www.symas.com>

1 0

Re: (ITS#8617) Seg-fault while using meta database and rwm overlay together
by quanah＠symas.com 17 Mar '17

17 Mar '17

--On Wednesday, March 15, 2017 11:51 PM +0000 jaroslaw.wencel(a)gmail.com wrote: > Full_Name: Jaroslaw Wencel > Version: 2.4.42 > OS: Ubuntu 16.04.1 > URL: > Submission from: (NULL) (46.227.243.233) > > > Hi > > I'm trying to develop configuration which includes Active Directory > catalogue into main LDAP tree I have in my configuration. Everything > works well while using slapd-meta as long as I do not try to combine it > with rwm overlay. > > LDAP crashes while invoking modrdn change (refer to attached > crashme.ldif) with the configuration as in config.ldif. > > modrdn change works well until I add dn: > olcOverlay={0}rwm,olcDatabase={1}meta,cn=config to the configuration. > > I'm using OpenLDAP 2.4.42 installed from Ubuntu repositories (latest > version from 16.04.01). > I have uploaded > ftp://ftp.openldap.org/incoming/Jaroslaw-Wencel-170315.tgz to the ftp > server, archive file contains: > - config.ldif - dump of ldap configuration from the moment modrdn > operation crashes the server > - crashme.ldif - the ldif file I'm using for invoking modrdn operation > - crash.logs - slapd daemon log > > Please let me know if you have any further questions Hi, Thanks for the report! There are a number of known existing issues with slapo-rwm, so the detail provided here is quite useful. Regards, Quanah -- Quanah Gibson-Mount Product Architect Symas Corporation Packaged, certified, and supported LDAP solutions powered by OpenLDAP: <http://www.symas.com>

1 0

Re: (ITS#8615) Dovecot can't connect to openldap over starttls
by quanah＠symas.com 16 Mar '17

16 Mar '17

--On Saturday, March 11, 2017 11:55 AM +0000 info(a)gwarband.de wrote: > Full_Name: Tobias Warband > Version: 2.4.40+dfsg-1+deb8u2 > OS: Debian 8 > URL: ftp://ftp.openldap.org/incoming/ > Submission from: (NULL) (149.172.171.148) > > > Hello, > > I'm trying to configure dovecot with ldapconnection over starttls (Secure > LDAP). > I belief the problem is something with the methode ldap_start_tls_s() > or ldap_int_tls_connect() that's called from the first. > Other software can connect to the openldapserver e.g. postfix, > openxchange, apache. > All logs and configs are in the URL below. Hi Tobias, The ITS system is for reporting bugs in OpenLDAP. Nothing in this report indicates a bug with OpenLDAP. In fact the information you provide about other processes being able to connect to OpenLDAP without inssue further indicate no bug with OpenLDAP. Generally, I would advise you seek support from the Dovecot authors, as it is their product that is having issues, and they should be able to provide accurate and detailed information on how to properly configure their software to interface with LDAP. Alternatively, you may wish to try the openldap-technical list if discussing with the Dovecot community does not resolve the problem. This ITS will be closed. Regards, Quanah -- Quanah Gibson-Mount Product Architect Symas Corporation Packaged, certified, and supported LDAP solutions powered by OpenLDAP: <http://www.symas.com>

1 0

(ITS#8618) ldapsearch - unexpected behavior with "-h URI -p PORT"
by alex＠r42.ch 15 Mar '17

15 Mar '17

Full_Name: Alexandre Rosenberg Version: 2.4.44 OS: Linux - CentOS7 URL: ftp://ftp.openldap.org/incoming/ Submission from: (NULL) (125.30.6.137) I found some unexpected behavior when using both '-h' and '-p' option with ldapserach. == Reproduce: - Use the '-h' option with an invalid hostname such as a URI - Also set a (valid) port using the '-p' option == Result: If those condition are met, ldapearch seem to always connect to localhost on port 389 $ ldapsearch -x -d 255 -h ldap://localhost -p 10389 ldap_create ldap_sasl_bind ldap_send_initial_request ldap_new_connection 1 1 0 ldap_int_open_connection ldap_connect_to_host: TCP localhost:389 == Expected behavior: Failure due to invalid hostname == Note: This *only* happens when both '-h' and '-p' are used. When only '-h' is used, following happens which seem fine: $ ldapsearch -x -d 255 -h ldap://localhost ldap_create ldap_url_parse_ext(ldap://ldap:%2F%2Flocalhost) ldap_err2string Could not create LDAP session handle for URI=ldap://ldap: %2F%2Flocalhost (-9): Bad parameter to an ldap routine == Additional example: Bellow are some more example - note adding "/" to the hostname is enough to trigger the issue. 1. $ ldapsearch -x -d 255 -h example.org -p 10636 -> Connects to example.org on port 10636 (as expected) 2. $ ldapsearch -x -d 255 -h /example.org -p 10636 -> Connects to localhost on port 389 (!) - note the added "/" 3. $ ldapsearch -x -d 255 -h /example.org Running the command will give you the debug output (which I omitted here). Note I am using openldap 2.4.44.

1 0

(ITS#8617) Seg-fault while using meta database and rwm overlay together
by jaroslaw.wencel＠gmail.com 15 Mar '17

15 Mar '17

Full_Name: Jaroslaw Wencel Version: 2.4.42 OS: Ubuntu 16.04.1 URL: Submission from: (NULL) (46.227.243.233) Hi I'm trying to develop configuration which includes Active Directory catalogue into main LDAP tree I have in my configuration. Everything works well while using slapd-meta as long as I do not try to combine it with rwm overlay. LDAP crashes while invoking modrdn change (refer to attached crashme.ldif) with the configuration as in config.ldif. modrdn change works well until I add dn: olcOverlay={0}rwm,olcDatabase={1}meta,cn=config to the configuration. I'm using OpenLDAP 2.4.42 installed from Ubuntu repositories (latest version from 16.04.01). I have uploaded ftp://ftp.openldap.org/incoming/Jaroslaw-Wencel-170315.tgz to the ftp server, archive file contains: - config.ldif - dump of ldap configuration from the moment modrdn operation crashes the server - crashme.ldif - the ldif file I'm using for invoking modrdn operation - crash.logs - slapd daemon log Please let me know if you have any further questions Thanks Jaroslaw Wencel

1 0

(ITS#8616) olcSpNopresent and olcSpReloadHint can't be modified dynamically
by elecharny＠symas.com 14 Mar '17

14 Mar '17

Full_Name: Emmanuel Lecharny Version: 2.4.44 OS: CentOS URL: ftp://ftp.openldap.org/incoming/ Submission from: (NULL) (86.246.56.212) Adding either the olcSpNoPresent/olcSpReloadHint into a syncprov overlay is possible using slapd.d. It the values are set to TRUE, you can remove them. If you set them to FALSE, trying to remove the value get you an error 80. Second thing : set the value to TRUE (works), then change it to FALSE (works). Now, you are stuck : you can't revert it to TRUE or remove them. Third thing : set the value to FALSE (works), then you can't change it to TRUE or delete the attribute. There is no other way that modifyin the ldif file to get it back on its feet.

1 0

Re: (ITS#8607) Second master in MMR config logging contextCSN changes to accesslog
by quanah＠symas.com 13 Mar '17

13 Mar '17

--On Monday, March 13, 2017 12:55 PM -0400 Matthew Berg <mberg(a)synacor.com> = wrote: > "After investigating the server setup, there are a few problems here. > The new server was being configured with sid=3D001 which was already > assigned to=C2=A0the original master. That's clearly going to screw = things > up." I'm aware of what Howard's original response was. That has nothing to do=20 with what the problem was, or the later 100% reproducible test I provided=20 him that did not have that problem. --Quanah -- Quanah Gibson-Mount Product Architect Symas Corporation Packaged, certified, and supported LDAP solutions powered by OpenLDAP: <http://www.symas.com>

1 0

Re: (ITS#8607) Second master in MMR config logging contextCSN changes to accesslog
by mberg＠synacor.com 13 Mar '17

13 Mar '17

"After investigating the server setup, there are a few problems here. The new server was being configured with sid=001 which was already assigned to the original master. That's clearly going to screw things up." On Mon, 2017-03-06 at 10:03 -0800, Quanah Gibson-Mount wrote: > --On Monday, March 06, 2017 5:24 PM +0000 mberg(a)synacor.com wrote: > > > Reading back over the report on ITS-8281, the reported behavior > > would have been a collision of generating a new contextCSN as well > > as duplicating the producer's SID. So it's generated contextCSN > > would have masked the one it never committed from the original > > master. > > I'm not sure what you mean by duplicating the producer's SID. Both > nodes > had unique SID values. There were no duplicated SIDs. > > --Quanah > > -- > > Quanah Gibson-Mount > Product Architect > Symas Corporation > Packaged, certified, and supported LDAP solutions powered by > OpenLDAP: > <http://www.symas.com> > -- Matthew Berg <mberg(a)synacor.com> This message and any attachment may contain information that is confidential and/or proprietary. Any use, disclosure, copying, storing, or distribution of this e-mail or any attached file by anyone other than the intended recipient is strictly prohibited. If you have received this message in error, please notify the sender by reply email and delete the message and any attachments. Thank you.

1 0

Jump to page:

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

openldap-bugs