Hi there guys, I've got the following configuration with slapd 2.3.19
My aim is to restric user depending on their IP and group, well, this
configuration doesn't work, and this is the first ACL in slapd.conf
access to attrs=userPassword,shadowLastChange
by peername.ip=172.16.4.100%255.255.0.0 set="([uid=] + ([cn=Domain
Users,ou=Groups,dc=netwarrior,dc=com,dc=uy])" auth
by users write
by * none
This one Does
access to attrs=userPassword,shadowLastChange
by peername.regex=172\.16\.4\..* set="([uid=] + ([cn=Domain
Users,ou=Groups,dc=netwarrior,dc=com,dc=uy])" auth
by users write
by * none
Whay is this, I do not know, but is not the real problem, cuz as long as I
know, with regex
I cannot tell which range of IP to limit like with peername.ip, I want to do
this
peername.ip=192.168.1.16%255.255.255.240.
what's worst this doesn't even work
by peername.ip=172.16.4.100 auth
This is the log, trying to connect via secure shell using this ACL
by peername.ip=172.16.4.100%255.255.0.0 set="([uid=] + ([cn=Domain
Users,ou=Groups,dc=netwarrior,dc=com,dc=uy])" auth
Jan 1 17:56:48 netwarrior slapd[2498]: daemon: activity on:
Jan 1 17:56:48 netwarrior slapd[2498]:
Jan 1 17:56:48 netwarrior slapd[2498]: daemon: listen=8, new connection on
13
Jan 1 17:56:48 netwarrior slapd[2498]: daemon: added 13r
Jan 1 17:56:48 netwarrior slapd[2498]: conn=9 fd=13 ACCEPT from IP=
172.16.4.120:53861 (IP=0.0.0.0:636)
Jan 1 17:56:48 netwarrior slapd[2498]: daemon: select: listen=7
active_threads=0 tvp=zero
Jan 1 17:56:48 netwarrior slapd[2498]: daemon: select: listen=8
active_threads=0 tvp=zero
Jan 1 17:56:48 netwarrior slapd[2498]: daemon: activity on 1 descriptor
Jan 1 17:56:48 netwarrior slapd[2498]: daemon: activity on:
Jan 1 17:56:48 netwarrior slapd[2498]: 13r
Jan 1 17:56:48 netwarrior slapd[2498]:
Jan 1 17:56:48 netwarrior slapd[2498]: daemon: read active on 13
Jan 1 17:56:48 netwarrior slapd[2498]: connection_get(13)
Jan 1 17:56:48 netwarrior slapd[2498]: connection_get(13): got connid=9
Jan 1 17:56:48 netwarrior slapd[2498]: connection_read(13): checking for
input on id=9
Jan 1 17:56:48 netwarrior slapd[2498]: daemon: select: listen=7
active_threads=0 tvp=zero
Jan 1 17:56:48 netwarrior slapd[2498]: daemon: select: listen=8
active_threads=0 tvp=zero
Jan 1 17:56:48 netwarrior slapd[2498]: daemon: activity on 1 descriptor
Jan 1 17:56:48 netwarrior slapd[2498]: daemon: activity on:
Jan 1 17:56:48 netwarrior slapd[2498]: 13r
Jan 1 17:56:48 netwarrior slapd[2498]:
Jan 1 17:56:48 netwarrior slapd[2498]: daemon: read active on 13
Jan 1 17:56:48 netwarrior slapd[2498]: connection_get(13)
Jan 1 17:56:48 netwarrior slapd[2498]: connection_get(13): got connid=9
Jan 1 17:56:48 netwarrior slapd[2498]: connection_read(13): checking for
input on id=9
Jan 1 17:56:48 netwarrior slapd[2498]: connection_read(13): unable to get
TLS client DN, error=49 id=9
Jan 1 17:56:48 netwarrior slapd[2498]: conn=9 fd=13 TLS established
tls_ssf=256 ssf=256
Jan 1 17:56:48 netwarrior slapd[2498]: daemon: select: listen=7
active_threads=0 tvp=zero
Jan 1 17:56:48 netwarrior slapd[2498]: daemon: select: listen=8
active_threads=0 tvp=zero
Jan 1 17:56:48 netwarrior slapd[2498]: daemon: activity on 1 descriptor
Jan 1 17:56:48 netwarrior slapd[2498]: daemon: activity on:
Jan 1 17:56:48 netwarrior slapd[2498]: 13r
Jan 1 17:56:48 netwarrior slapd[2498]:
Jan 1 17:56:48 netwarrior slapd[2498]: daemon: read active on 13
Jan 1 17:56:48 netwarrior slapd[2498]: connection_get(13)
Jan 1 17:56:48 netwarrior slapd[2498]: connection_get(13): got connid=9
Jan 1 17:56:48 netwarrior slapd[2498]: connection_read(13): checking for
input on id=9
Jan 1 17:56:48 netwarrior slapd[2498]: do_bind
Jan 1 17:56:48 netwarrior slapd[2498]: ber_get_next on fd 13 failed errno=11
(Resource temporarily unavailable)
Jan 1 17:56:48 netwarrior slapd[2498]: >>> dnPrettyNormal:
<cn=Manager,dc=netwarrior,dc=com,dc=uy>
Jan 1 17:56:48 netwarrior slapd[2498]: <<< dnPrettyNormal:
<cn=Manager,dc=netwarrior,dc=com,dc=uy>,
<cn=manager,dc=netwarrior,dc=com,dc=uy>
Jan 1 17:56:48 netwarrior slapd[2498]: do_bind: version=3
dn="cn=Manager,dc=netwarrior,dc=com,dc=uy" method=128
Jan 1 17:56:48 netwarrior slapd[2498]: conn=9 op=0 BIND
dn="cn=Manager,dc=netwarrior,dc=com,dc=uy" method=128
Jan 1 17:56:48 netwarrior slapd[2498]: ==> bdb_bind: dn:
cn=Manager,dc=netwarrior,dc=com,dc=uy
Jan 1 17:56:48 netwarrior slapd[2498]: conn=9 op=0 BIND
dn="cn=Manager,dc=netwarrior,dc=com,dc=uy" mech=SIMPLE ssf=0
Jan 1 17:56:48 netwarrior slapd[2498]: do_bind: v3 bind:
"cn=Manager,dc=netwarrior,dc=com,dc=uy" to
"cn=Manager,dc=netwarrior,dc=com,dc=uy"
Jan 1 17:56:48 netwarrior slapd[2498]: send_ldap_result: conn=9 op=0 p=3
Jan 1 17:56:48 netwarrior slapd[2498]: send_ldap_result: err=0 matched=""
text=""
Jan 1 17:56:48 netwarrior slapd[2498]: send_ldap_response: msgid=1 tag=97
err=0
Jan 1 17:56:48 netwarrior slapd[2498]: conn=9 op=0 RESULT tag=97 err=0 text=
Jan 1 17:56:48 netwarrior slapd[2498]: daemon: select: listen=7
active_threads=0 tvp=zero
Jan 1 17:56:48 netwarrior slapd[2498]: daemon: select: listen=8
active_threads=0 tvp=zero
Jan 1 17:56:48 netwarrior slapd[2498]: daemon: activity on 2 descriptors
Jan 1 17:56:48 netwarrior slapd[2498]: daemon: activity on:
Jan 1 17:56:48 netwarrior slapd[2498]: 13r
Jan 1 17:56:48 netwarrior slapd[2498]:
Jan 1 17:56:48 netwarrior slapd[2498]: daemon: read active on 13
Jan 1 17:56:48 netwarrior slapd[2498]: connection_get(13)
Jan 1 17:56:48 netwarrior slapd[2498]: connection_get(13): got connid=9
Jan 1 17:56:48 netwarrior slapd[2498]: connection_read(13): checking for
input on id=9
Jan 1 17:56:48 netwarrior slapd[2498]: do_search
Jan 1 17:56:48 netwarrior slapd[2498]: >>> dnPrettyNormal:
<dc=netwarrior,dc=com,dc=uy>
Jan 1 17:56:48 netwarrior slapd[2498]: <<< dnPrettyNormal:
<dc=netwarrior,dc=com,dc=uy>, <dc=netwarrior,dc=com,dc=uy>
Jan 1 17:56:48 netwarrior slapd[2498]: SRCH "dc=netwarrior,dc=com,dc=uy" 2 0
Jan 1 17:56:48 netwarrior slapd[2498]: 1 0 0
Jan 1 17:56:48 netwarrior slapd[2498]: begin get_filter
Jan 1 17:56:48 netwarrior slapd[2498]: AND
Jan 1 17:56:48 netwarrior slapd[2498]: begin get_filter_list
Jan 1 17:56:48 netwarrior slapd[2498]: begin get_filter
Jan 1 17:56:48 netwarrior slapd[2498]: EQUALITY
Jan 1 17:56:48 netwarrior slapd[2498]: end get_filter 0
Jan 1 17:56:48 netwarrior slapd[2498]: begin get_filter
Jan 1 17:56:48 netwarrior slapd[2498]: EQUALITY
Jan 1 17:56:48 netwarrior slapd[2498]: end get_filter 0
Jan 1 17:56:48 netwarrior slapd[2498]: end get_filter_list
Jan 1 17:56:48 netwarrior slapd[2498]: end get_filter 0
Jan 1 17:56:48 netwarrior slapd[2498]: filter:
(&(objectClass=ipHost)(ipHostNumber=172.16.4.100))
Jan 1 17:56:48 netwarrior slapd[2498]: attrs:
Jan 1 17:56:48 netwarrior slapd[2498]: cn
Jan 1 17:56:48 netwarrior slapd[2498]: ipHostNumber
Jan 1 17:56:48 netwarrior slapd[2498]:
Jan 1 17:56:48 netwarrior slapd[2498]: conn=9 op=1 SRCH
base="dc=netwarrior,dc=com,dc=uy" scope=2 deref=0
filter="(&(objectClass=ipHost)(ipHostNumber=172.16.4.100))"
Jan 1 17:56:48 netwarrior slapd[2498]: conn=9 op=1 SRCH attr=cn ipHostNumber
Jan 1 17:56:48 netwarrior slapd[2498]: => bdb_search
Jan 1 17:56:48 netwarrior slapd[2498]:
bdb_dn2entry("dc=netwarrior,dc=com,dc=uy")
Jan 1 17:56:48 netwarrior slapd[2498]: =>
bdb_dn2id("dc=netwarrior,dc=com,dc=uy")
Jan 1 17:56:48 netwarrior slapd[2498]: <= bdb_dn2id: got id=0x00000001
Jan 1 17:56:48 netwarrior slapd[2498]: entry_decode:
"dc=netwarrior,dc=com,dc=uy"
Jan 1 17:56:48 netwarrior slapd[2498]: <=
entry_decode(dc=netwarrior,dc=com,dc=uy)
Jan 1 17:56:48 netwarrior slapd[2498]: search_candidates:
base="dc=netwarrior,dc=com,dc=uy" (0x00000001) scope=2
Jan 1 17:56:48 netwarrior slapd[2498]: =>
bdb_dn2idl("dc=netwarrior,dc=com,dc=uy")
Jan 1 17:56:48 netwarrior slapd[2498]: => bdb_filter_candidates
Jan 1 17:56:48 netwarrior slapd[2498]: AND
Jan 1 17:56:48 netwarrior slapd[2498]: => bdb_list_candidates 0xa0
Jan 1 17:56:48 netwarrior slapd[2498]: => bdb_filter_candidates
Jan 1 17:56:48 netwarrior slapd[2498]: OR
Jan 1 17:56:48 netwarrior slapd[2498]: => bdb_list_candidates 0xa1
Jan 1 17:56:48 netwarrior slapd[2498]: => bdb_filter_candidates
Jan 1 17:56:48 netwarrior slapd[2498]: EQUALITY
Jan 1 17:56:48 netwarrior slapd[2498]: => bdb_equality_candidates
(objectClass)
Jan 1 17:56:48 netwarrior slapd[2498]: => key_read
Jan 1 17:56:48 netwarrior slapd[2498]: bdb_idl_fetch_key: [b49d1940]
Jan 1 17:56:48 netwarrior slapd[2498]: <= bdb_index_read: failed (-30989)
Jan 1 17:56:48 netwarrior slapd[2498]: <= bdb_equality_candidates: id=0,
first=0, last=0
Jan 1 17:56:48 netwarrior slapd[2498]: => bdb_filter_candidates
Jan 1 17:56:48 netwarrior slapd[2498]: AND
Jan 1 17:56:48 netwarrior slapd[2498]: => bdb_list_candidates 0xa0
Jan 1 17:56:48 netwarrior slapd[2498]: => bdb_filter_candidates
Jan 1 17:56:48 netwarrior slapd[2498]: EQUALITY
Jan 1 17:56:48 netwarrior slapd[2498]: => bdb_equality_candidates
(objectClass)
Jan 1 17:56:48 netwarrior slapd[2498]: => key_read
Jan 1 17:56:48 netwarrior slapd[2498]: bdb_idl_fetch_key: [7ec2180d]
Jan 1 17:56:48 netwarrior slapd[2498]: <= bdb_index_read: failed (-30989)
Jan 1 17:56:48 netwarrior slapd[2498]: <= bdb_equality_candidates: id=0,
first=0, last=0
Jan 1 17:56:48 netwarrior slapd[2498]: <= bdb_filter_candidates: id=0
first=0 last=0
Jan 1 17:56:48 netwarrior slapd[2498]: <= bdb_list_candidates: id=0 first=0
last=0
Jan 1 17:56:48 netwarrior slapd[2498]: <= bdb_filter_candidates: id=0
first=0 last=0
Jan 1 17:56:48 netwarrior slapd[2498]: <= bdb_list_candidates: id=0 first=0
last=0
Jan 1 17:56:48 netwarrior slapd[2498]: <= bdb_filter_candidates: id=0
first=0 last=0
Jan 1 17:56:48 netwarrior slapd[2498]: <= bdb_list_candidates: id=0 first=1
last=0
Jan 1 17:56:48 netwarrior slapd[2498]: <= bdb_filter_candidates: id=0
first=1 last=0
Jan 1 17:56:48 netwarrior slapd[2498]: ber_get_next on fd 13 failed errno=11
(Resource temporarily unavailable)
Jan 1 17:56:48 netwarrior slapd[2498]: daemon: select: listen=7
active_threads=0 tvp=zero
Jan 1 17:56:48 netwarrior slapd[2498]: daemon: select: listen=8
active_threads=0 tvp=zero
Jan 1 17:56:48 netwarrior slapd[2498]: bdb_search_candidates: id=0 first=1
last=0
Jan 1 17:56:48 netwarrior slapd[2498]: bdb_search: no candidates
Jan 1 17:56:48 netwarrior slapd[2498]: send_ldap_result: conn=9 op=1 p=3
Jan 1 17:56:48 netwarrior slapd[2498]: send_ldap_result: err=0 matched=""
text=""
Jan 1 17:56:48 netwarrior slapd[2498]: send_ldap_response: msgid=2 tag=101
err=0
Jan 1 17:56:48 netwarrior slapd[2498]: conn=9 op=1 SEARCH RESULT tag=101
err=0 nentries=0 text=
Jan 1 17:56:50 netwarrior slapd[2498]: daemon: activity on 1 descriptor
Jan 1 17:56:50 netwarrior slapd[2498]: daemon: activity on:
Jan 1 17:56:50 netwarrior slapd[2498]: daemon: listen=8, new connection on
15
Jan 1 17:56:50 netwarrior slapd[2498]: daemon: added 15r
Jan 1 17:56:50 netwarrior slapd[2498]: conn=10 fd=15 ACCEPT from IP=
172.16.4.120:53862 (IP=0.0.0.0:636)
Jan 1 17:56:50 netwarrior slapd[2498]: daemon: select: listen=7
active_threads=0 tvp=zero
Jan 1 17:56:50 netwarrior slapd[2498]: daemon: select: listen=8
active_threads=0 tvp=zero
Jan 1 17:56:50 netwarrior slapd[2498]: daemon: activity on 1 descriptor
Jan 1 17:56:50 netwarrior slapd[2498]: daemon: activity on:
Jan 1 17:56:50 netwarrior slapd[2498]: 15r
Jan 1 17:56:50 netwarrior slapd[2498]:
Jan 1 17:56:50 netwarrior slapd[2498]: daemon: read active on 15
Jan 1 17:56:50 netwarrior slapd[2498]: connection_get(15)
Jan 1 17:56:50 netwarrior slapd[2498]: connection_get(15): got connid=10
Jan 1 17:56:50 netwarrior slapd[2498]: connection_read(15): checking for
input on id=10
Jan 1 17:56:50 netwarrior slapd[2498]: daemon: select: listen=7
active_threads=0 tvp=zero
Jan 1 17:56:50 netwarrior slapd[2498]: daemon: select: listen=8
active_threads=0 tvp=zero
Jan 1 17:56:50 netwarrior slapd[2498]: daemon: activity on 1 descriptor
Jan 1 17:56:50 netwarrior slapd[2498]: daemon: activity on:
Jan 1 17:56:50 netwarrior slapd[2498]: 15r
Jan 1 17:56:50 netwarrior slapd[2498]:
Jan 1 17:56:50 netwarrior slapd[2498]: daemon: read active on 15
Jan 1 17:56:50 netwarrior slapd[2498]: connection_get(15)
Jan 1 17:56:50 netwarrior slapd[2498]: connection_get(15): got connid=10
Jan 1 17:56:50 netwarrior slapd[2498]: connection_read(15): checking for
input on id=10
Jan 1 17:56:50 netwarrior slapd[2498]: connection_read(15): unable to get
TLS client DN, error=49 id=10
Jan 1 17:56:50 netwarrior slapd[2498]: conn=10 fd=15 TLS established
tls_ssf=256 ssf=256
Jan 1 17:56:50 netwarrior slapd[2498]: daemon: select: listen=7
active_threads=0 tvp=zero
Jan 1 17:56:50 netwarrior slapd[2498]: daemon: select: listen=8
active_threads=0 tvp=zero
Jan 1 17:56:50 netwarrior slapd[2498]: daemon: activity on 1 descriptor
Jan 1 17:56:50 netwarrior slapd[2498]: daemon: activity on:
Jan 1 17:56:50 netwarrior slapd[2498]: 15r
Jan 1 17:56:50 netwarrior slapd[2498]:
Jan 1 17:56:50 netwarrior slapd[2498]: daemon: read active on 15
Jan 1 17:56:50 netwarrior slapd[2498]: connection_get(15)
Jan 1 17:56:50 netwarrior slapd[2498]: connection_get(15): got connid=10
Jan 1 17:56:50 netwarrior slapd[2498]: connection_read(15): checking for
input on id=10
Jan 1 17:56:50 netwarrior slapd[2498]: do_bind
Jan 1 17:56:50 netwarrior slapd[2498]: ber_get_next on fd 15 failed errno=11
(Resource temporarily unavailable)
Jan 1 17:56:50 netwarrior slapd[2498]: >>> dnPrettyNormal:
<cn=Manager,dc=netwarrior,dc=com,dc=uy>
Jan 1 17:56:50 netwarrior slapd[2498]: <<< dnPrettyNormal:
<cn=Manager,dc=netwarrior,dc=com,dc=uy>,
<cn=manager,dc=netwarrior,dc=com,dc=uy>
Jan 1 17:56:50 netwarrior slapd[2498]: do_bind: version=3
dn="cn=Manager,dc=netwarrior,dc=com,dc=uy" method=128
Jan 1 17:56:50 netwarrior slapd[2498]: conn=10 op=0 BIND
dn="cn=Manager,dc=netwarrior,dc=com,dc=uy" method=128
Jan 1 17:56:50 netwarrior slapd[2498]: ==> bdb_bind: dn:
cn=Manager,dc=netwarrior,dc=com,dc=uy
Jan 1 17:56:50 netwarrior slapd[2498]: conn=10 op=0 BIND
dn="cn=Manager,dc=netwarrior,dc=com,dc=uy" mech=SIMPLE ssf=0
Jan 1 17:56:50 netwarrior slapd[2498]: do_bind: v3 bind:
"cn=Manager,dc=netwarrior,dc=com,dc=uy" to
"cn=Manager,dc=netwarrior,dc=com,dc=uy"
Jan 1 17:56:50 netwarrior slapd[2498]: send_ldap_result: conn=10 op=0 p=3
Jan 1 17:56:50 netwarrior slapd[2498]: send_ldap_result: err=0 matched=""
text=""
Jan 1 17:56:50 netwarrior slapd[2498]: send_ldap_response: msgid=1 tag=97
err=0
Jan 1 17:56:50 netwarrior slapd[2498]: conn=10 op=0 RESULT tag=97 err=0
text=
Jan 1 17:56:50 netwarrior slapd[2498]: daemon: select: listen=7
active_threads=0 tvp=zero
Jan 1 17:56:50 netwarrior slapd[2498]: daemon: select: listen=8
active_threads=0 tvp=zero
Jan 1 17:56:50 netwarrior slapd[2498]: daemon: activity on 2 descriptors
Jan 1 17:56:50 netwarrior slapd[2498]: daemon: activity on:
Jan 1 17:56:50 netwarrior slapd[2498]: 15r
Jan 1 17:56:50 netwarrior slapd[2498]:
Jan 1 17:56:50 netwarrior slapd[2498]: daemon: read active on 15
Jan 1 17:56:50 netwarrior slapd[2498]: connection_get(15)
Jan 1 17:56:50 netwarrior slapd[2498]: connection_get(15): got connid=10
Jan 1 17:56:50 netwarrior slapd[2498]: connection_read(15): checking for
input on id=10
Jan 1 17:56:50 netwarrior slapd[2498]: do_search
Jan 1 17:56:50 netwarrior slapd[2498]: >>> dnPrettyNormal:
<dc=netwarrior,dc=com,dc=uy>
Jan 1 17:56:50 netwarrior slapd[2498]: <<< dnPrettyNormal:
<dc=netwarrior,dc=com,dc=uy>, <dc=netwarrior,dc=com,dc=uy>
Jan 1 17:56:50 netwarrior slapd[2498]: SRCH "dc=netwarrior,dc=com,dc=uy" 2 0
Jan 1 17:56:50 netwarrior slapd[2498]: 1 0 0
Jan 1 17:56:50 netwarrior slapd[2498]: begin get_filter
Jan 1 17:56:50 netwarrior slapd[2498]: EQUALITY
Jan 1 17:56:50 netwarrior slapd[2498]: end get_filter 0
Jan 1 17:56:50 netwarrior slapd[2498]: filter: (uid=pablo)
Jan 1 17:56:50 netwarrior slapd[2498]: attrs:
Jan 1 17:56:50 netwarrior slapd[2498]:
Jan 1 17:56:50 netwarrior slapd[2498]: conn=10 op=1 SRCH
base="dc=netwarrior,dc=com,dc=uy" scope=2 deref=0 filter="(uid=pablo)"
Jan 1 17:56:50 netwarrior slapd[2498]: => bdb_search
Jan 1 17:56:50 netwarrior slapd[2498]:
bdb_dn2entry("dc=netwarrior,dc=com,dc=uy")
Jan 1 17:56:50 netwarrior slapd[2498]: search_candidates:
base="dc=netwarrior,dc=com,dc=uy" (0x00000001) scope=2
Jan 1 17:56:50 netwarrior slapd[2498]: =>
bdb_dn2idl("dc=netwarrior,dc=com,dc=uy")
Jan 1 17:56:50 netwarrior slapd[2498]: => bdb_filter_candidates
Jan 1 17:56:50 netwarrior slapd[2498]: AND
Jan 1 17:56:50 netwarrior slapd[2498]: => bdb_list_candidates 0xa0
Jan 1 17:56:50 netwarrior slapd[2498]: => bdb_filter_candidates
Jan 1 17:56:50 netwarrior slapd[2498]: do_bind
Jan 1 17:56:50 netwarrior slapd[2498]: conn=10 op=2 BIND anonymous
mech=implicit ssf=0
Jan 1 17:56:50 netwarrior slapd[2498]: => get_ctrls
Jan 1 17:56:50 netwarrior slapd[2498]: => get_ctrls: oid="
1.3.6.1.4.1.42.2.27.8.5.1" (noncritical)
Jan 1 17:56:50 netwarrior slapd[2498]: <= get_ctrls: n=1 rc=0 err=""
Jan 1 17:56:50 netwarrior slapd[2498]: >>> dnPrettyNormal:
<uid=pablo,ou=Users,dc=netwarrior,dc=com,dc=uy>
Jan 1 17:56:50 netwarrior slapd[2498]: <<< dnPrettyNormal:
<uid=pablo,ou=Users,dc=netwarrior,dc=com,dc=uy>,
<uid=pablo,ou=users,dc=netwarrior,dc=com,dc=uy>
Jan 1 17:56:50 netwarrior slapd[2498]: do_bind: version=3
dn="uid=pablo,ou=Users,dc=netwarrior,dc=com,dc=uy" method=128
Jan 1 17:56:50 netwarrior slapd[2498]: conn=10 op=2 BIND
dn="uid=pablo,ou=Users,dc=netwarrior,dc=com,dc=uy" method=128
Jan 1 17:56:50 netwarrior slapd[2498]: slap_global_control: unavailable
control: 1.3.6.1.4.1.42.2.27.8.5.1
Jan 1 17:56:50 netwarrior slapd[2498]: ==> bdb_bind: dn:
uid=pablo,ou=Users,dc=netwarrior,dc=com,dc=uy
Jan 1 17:56:50 netwarrior slapd[2498]:
bdb_dn2entry("uid=pablo,ou=users,dc=netwarrior,dc=com,dc=uy")
Jan 1 17:56:50 netwarrior slapd[2498]: daemon: select: listen=7
active_threads=0 tvp=zero
Jan 1 17:56:50 netwarrior slapd[2498]: daemon: select: listen=8
active_threads=0 tvp=zero
Jan 1 17:56:50 netwarrior slapd[2498]: daemon: activity on 1 descriptor
Jan 1 17:56:50 netwarrior slapd[2498]: daemon: activity on:
Jan 1 17:56:50 netwarrior slapd[2498]:
Jan 1 17:56:50 netwarrior slapd[2498]: daemon: select: listen=7
active_threads=0 tvp=zero
Jan 1 17:56:50 netwarrior slapd[2498]: daemon: select: listen=8
active_threads=0 tvp=zero
Jan 1 17:56:50 netwarrior slapd[2498]: => access_allowed: auth access to
"uid=pablo,ou=Users,dc=netwarrior,dc=com,dc=uy" "userPassword" requested
Jan 1 17:56:50 netwarrior slapd[2498]: => acl_get: [1] attr userPassword
Jan 1 17:56:50 netwarrior slapd[2498]: access_allowed: no res from state
(userPassword)
Jan 1 17:56:50 netwarrior slapd[2498]: => acl_mask: access to entry
"uid=pablo,ou=Users,dc=netwarrior,dc=com,dc=uy", attr "userPassword"
requested
Jan 1 17:56:50 netwarrior slapd[2498]: => acl_mask: to value by "", (=0)
Jan 1 17:56:50 netwarrior slapd[2498]: <= acl_mask: [1] mask: =0
Jan 1 17:56:50 netwarrior slapd[2498]: => access_allowed: auth access denied
by =0
Jan 1 17:56:50 netwarrior slapd[2498]: send_ldap_result: conn=10 op=2 p=3
Jan 1 17:56:50 netwarrior slapd[2498]: send_ldap_result: err=49 matched=""
text=""
Jan 1 17:56:50 netwarrior slapd[2498]: send_ldap_response: msgid=3 tag=97
err=49
Jan 1 17:56:50 netwarrior sshd[2554]: pam_ldap: error trying to bind as user
"uid=pablo,ou=Users,dc=netwarrior,dc=com,dc=uy" (Invalid credentials)
Jan 1 17:56:50 netwarrior slapd[2498]: conn=10 op=2 RESULT tag=97 err=49
text=
Jan 1 17:56:50 netwarrior slapd[2498]: daemon: activity on 1 descriptor
Jan 1 17:56:50 netwarrior slapd[2498]: daemon: activity on:
Jan 1 17:56:50 netwarrior slapd[2498]: 15r
Jan 1 17:56:50 netwarrior slapd[2498]:
Jan 1 17:56:50 netwarrior slapd[2498]: daemon: read active on 15
Jan 1 17:56:50 netwarrior slapd[2498]: connection_get(15)
Jan 1 17:56:50 netwarrior slapd[2498]: connection_get(15): got connid=10
Jan 1 17:56:50 netwarrior slapd[2498]: connection_read(15): checking for
input on id=10
Jan 1 17:56:50 netwarrior slapd[2498]: do_bind
Jan 1 17:56:50 netwarrior slapd[2498]: ber_get_next on fd 15 failed errno=11
(Resource temporarily unavailable)
Jan 1 17:56:50 netwarrior slapd[2498]: >>> dnPrettyNormal:
<cn=Manager,dc=netwarrior,dc=com,dc=uy>
Jan 1 17:56:50 netwarrior slapd[2498]: <<< dnPrettyNormal:
<cn=Manager,dc=netwarrior,dc=com,dc=uy>,
<cn=manager,dc=netwarrior,dc=com,dc=uy>
Jan 1 17:56:50 netwarrior slapd[2498]: do_bind: version=3
dn="cn=Manager,dc=netwarrior,dc=com,dc=uy" method=128
Jan 1 17:56:50 netwarrior slapd[2498]: conn=10 op=3 BIND
dn="cn=Manager,dc=netwarrior,dc=com,dc=uy" method=128
Jan 1 17:56:50 netwarrior slapd[2498]: ==> bdb_bind: dn:
cn=Manager,dc=netwarrior,dc=com,dc=uy
Jan 1 17:56:50 netwarrior slapd[2498]: conn=10 op=3 BIND
dn="cn=Manager,dc=netwarrior,dc=com,dc=uy" mech=SIMPLE ssf=0
Any idea how can I solve this? what am I doing wrong?, is there a way to
limit a range of IP using
regex?
Thanks in advance
Best regards, and happy new year.