openldap-software November 2007

openldap-software@openldap.org

73 participants
92 discussions

Re: 2.4.6 ACLs and Extented Operations
by Gavin Henry 01 Nov '07

01 Nov '07

<quote who="Howard Chu"> > Gavin Henry wrote: >> Now, when we browse our Samba PDC that worked fine on 2.3.39, we are >> seeing: >> >> conn=63 fd=32 ACCEPT from IP=X.X.X.X:39211 (IP=0.0.0.0:389) >> conn=63 op=0 EXT oid=1.3.6.1.4.1.1466.20037 >> conn=63 op=0 do_extended: unsupported operation "1.3.6.1.4.1.1466.20037" >> conn=63 op=0 RESULT tag=120 err=2 text=unsupported extended operation >> >> and it goes very slowly. >> >> Any ideas? > > That's a StartTLS request. slapd will reject that request if you didn't > configure TLS certificates. Check your client config to see why it's > requesting it, or your server config... Aye, realised this now after using my head. Our Samba conf has start_tls in it. What an idiot ;-) No problem with 2.4.6 here, just brain dead users ;-)

1 0

2.4.6 ACLs and Extented Operations
by Gavin Henry 01 Nov '07

01 Nov '07

Dear All, It this a bad ACL?: access to dn="ou=Users,dc=suretecsystems,dc=com" by self write by users read by anonymous auth This was working fine on 2.3.39, but after an upgrade last night "getent passwd" stopped working with error 50. I can supply the full ACL and some sample data when I get a change. But with loglevel 128, it looked like with was seeing "by auth" and not "by anonymous auth" Now, when we browse our Samba PDC that worked fine on 2.3.39, we are seeing: conn=63 fd=32 ACCEPT from IP=X.X.X.X:39211 (IP=0.0.0.0:389) conn=63 op=0 EXT oid=1.3.6.1.4.1.1466.20037 conn=63 op=0 do_extended: unsupported operation "1.3.6.1.4.1.1466.20037" conn=63 op=0 RESULT tag=120 err=2 text=unsupported extended operation and it goes very slowly. Any ideas? I'll obvoiusly doc this up in our migration section later. Thanks. -- Kind Regards, Gavin Henry. OpenLDAP Engineering Team. E ghenry(a)OpenLDAP.org Community developed LDAP software. http://www.openldap.org/project/

3 2

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

openldap-software November 2007