[Issue 10165] New: back-meta fails to bind to target when proxying an internal operation

31 Jan 2024


      https://bugs.openldap.org/show_bug.cgi?id=10165
Issue ID: 10165
           Summary: back-meta fails to bind to target when proxying an
                    internal operation
           Product: OpenLDAP
           Version: 2.6.7
          Hardware: All
                OS: All
            Status: UNCONFIRMED
          Keywords: needs_review
          Severity: normal
          Priority: ---
         Component: backends
          Assignee: bugs@openldap.org
          Reporter: nivanova@symas.com
  Target Milestone: ---
When the target is configured as follows:
idassert-bind bindmethod=sasl saslmech=EXTERNAL authz=proxyauthz flags=override
and an overlay issues an internal operation, back-meta attempts to open a new
connection to the target, but the bind fails, so the internal operation cannot
be executed.
The target server returns the following error (as logged by back-meta):
<unauthenticated bind (DN with no password) disallowed>
Example configuration of the target server:
authz-regexp gidNumber=.*+uidNumber=.*,cn=peercred,cn=external,cn=auth
cn=config
logfile ./main.log
database config
database mdb
directory ./main
rootdn cn=config
suffix o=example.com
overlay accesslog
logdb cn=log
logops writes
logsuccess true
database mdb
suffix cn=log
directory ./log
-- 
You are receiving this mail because:
You are on the CC list for the issue.

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

[Issue 10165] New: back-meta fails to bind to target when proxying an internal operation