January 2008 - openldap-software

PANIC: fatal region error detected; run recovery OR Internal (implementation specific) error (80)

by Brent Clark

Hi all Im starting to take the plunge to learn LDAP. Im reading the "OpenLDAP Software 2.3 Administrators Guide". Im trying to start out by creating databases and doing a query. I use debian (testing), and so have editted the slapd.conf file. ============== Cut and Paste database bdb suffix "dc=brent,dc=local" rootdn "cn=Manager,dc=brent,dc=local" #rootpw {MD5}Xr4ilOzQ4PCOq3aQ0qbuaQ== rootpw secret directory "/var/lib/ldap" database bdb suffix "dc=com,dc=local,dc=edu,dc=org" rootdn "cn=Manager,dc=com,dc=local,dc=edu,dc=org" #rootpw {MD5}Xr4ilOzQ4PCOq3aQ0qbuaQ== rootpw secret directory "/var/lib/ldap" oot@zion:/etc/ldap# ldapsearch -x -b '' -s base '(objectclass=*)' namingContexts # extended LDIF # # LDAPv3 # base <> with scope baseObject # filter: (objectclass=*) # requesting: namingContexts # # dn: namingContexts: dc=brent,dc=local namingContexts: dc=com,dc=local,dc=edu,dc=org # search result search: 2 result: 0 Success # numResponses: 2 # numEntries: 1 root@zion:/etc/ldap# So now if i try to add via ldapadd, I get the following zion:/tmp/ldap# ldapadd -x -D "cn=Manager,dc=brent,dc=local" -W -f /home/bclark/OPENLDAP/test1 Enter LDAP Password: adding new entry "dc=brent, dc=local" ldapadd: Internal (implementation specific) error (80) And here is my test1 file zion:/tmp/ldap# cat /home/bclark/OPENLDAP/test1 # Domain Entry dn: dc=brent, dc=local objectclass: dcObject objectclass: organization o: Abc Consulting dc: brent.local dn:cn=Manager,dc=brent, dc=local objectclass: organizationalRole cn=Manager zion:/tmp/ldap# I really dont know why this is happening, and what am I doing wrong. I increased the loglevel to 1 and this has sparked an interest. Jan 6 01:33:06 zion slapd[25718]: >>> dnPrettyNormal: <cn=Manager,dc=brent,dc=local> Jan 6 01:33:06 zion slapd[25718]: <<< dnPrettyNormal: <cn=Manager,dc=brent,dc=local>, <cn=manager,dc=brent,dc=local> Jan 6 01:33:06 zion slapd[25718]: do_bind: version=3 dn="cn=Manager,dc=brent,dc=local" method=128 Jan 6 01:33:06 zion slapd[25718]: do_bind: v3 bind: "cn=Manager,dc=brent,dc=local" to "cn=Manager,dc=brent,dc=local" Jan 6 01:33:06 zion slapd[25718]: send_ldap_result: conn=5 op=0 p=3 Jan 6 01:33:06 zion slapd[25718]: send_ldap_response: msgid=1 tag=97 err=0 Jan 6 01:33:06 zion slapd[25718]: connection_get(17): got connid=5 Jan 6 01:33:06 zion slapd[25718]: connection_read(17): checking for input on id=5 Jan 6 01:33:06 zion slapd[25718]: do_add Jan 6 01:33:06 zion slapd[25718]: >>> dnPrettyNormal: <dc=brent, dc=local> Jan 6 01:33:06 zion slapd[25718]: <<< dnPrettyNormal: <dc=brent,dc=local>, <dc=brent,dc=local> Jan 6 01:33:06 zion slapd[25718]: bdb(dc=brent,dc=local): PANIC: fatal region error detected; run recovery If someone could help, I would me most grateful. Kind Regards Brent Clark

15 years, 11 months

3
2
0 / 0

OpenLDAP Weekly News Moved to openldap-technical list

by Gavin Henry

Hi All, Just a quick one to say all future OWN posts will be going to the new mailing list: http://www.openldap.org/lists/mm/listinfo/openldap-technical Thanks, Gavin. -- Kind Regards, Gavin Henry. Managing Director. T +44 (0) 1224 279484 M +44 (0) 7930 323266 F +44 (0) 1224 824887 E ghenry(a)suretecsystems.com Open Source. Open Solutions(tm). http://www.suretecsystems.com/

15 years, 11 months

1
0
0 / 0

handshake failure

by Richard smith

OpenLDAP: slapd 2.3.27 Any help with the following is much appreciated. Why : 'Can't contact LDAP server (-1)' 'handshake failure' If I issue ldapsearch without and with options I get the same. Thanks, Richard ldapsearch ldap_sasl_interactive_bind_s: Can't contact LDAP server (-1) additional info: error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure ldapsearch -H 'ldaps://xxxx.xxxx.xxxx.xxxx:636' -D 'uid=xxxx,dc=xxxx,dc=xxxx,dc=xxxx,dc=xxxx' -b 'uid=yyyy,ou=People,dc=xxxx,dc=xxxx,dc=xxxx,dc=xxxx' ldap_sasl_interactive_bind_s: Can't contact LDAP server (-1) additional info: error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure /var/log/slapd.log Date Time xxxx slapd[1415]: conn=164 fd=14 ACCEPT from IP=xxxx.xxxx.xxxx.xxxx:33448 (IP=0.0.0.0:636) Date Time xxxx slapd[1415]: conn=164 fd=14 closed (TLS negotiation failure) Date Time xxxx slapd[1415]: conn=165 fd=14 ACCEPT from IP=xxxx.xxxx.xxxx.xxxx:33449 (IP=0.0.0.0:636) Date Time xxxx slapd[1415]: conn=165 fd=14 closed (TLS negotiation failure) --------------------------------- Be a better friend, newshound, and know-it-all with Yahoo! Mobile. Try it now.

15 years, 11 months

1
0
0 / 0

ACL - peername

by Net Warrior

Hi there guys, I've got the following configuration with slapd 2.3.19 My aim is to restric user depending on their IP and group, well, this configuration doesn't work, and this is the first ACL in slapd.conf access to attrs=userPassword,shadowLastChange by peername.ip=172.16.4.100%255.255.0.0 set="([uid=] + ([cn=Domain Users,ou=Groups,dc=netwarrior,dc=com,dc=uy])" auth by users write by * none This one Does access to attrs=userPassword,shadowLastChange by peername.regex=172\.16\.4\..* set="([uid=] + ([cn=Domain Users,ou=Groups,dc=netwarrior,dc=com,dc=uy])" auth by users write by * none Whay is this, I do not know, but is not the real problem, cuz as long as I know, with regex I cannot tell which range of IP to limit like with peername.ip, I want to do this peername.ip=192.168.1.16%255.255.255.240. what's worst this doesn't even work by peername.ip=172.16.4.100 auth This is the log, trying to connect via secure shell using this ACL by peername.ip=172.16.4.100%255.255.0.0 set="([uid=] + ([cn=Domain Users,ou=Groups,dc=netwarrior,dc=com,dc=uy])" auth Jan 1 17:56:48 netwarrior slapd[2498]: daemon: activity on: Jan 1 17:56:48 netwarrior slapd[2498]: Jan 1 17:56:48 netwarrior slapd[2498]: daemon: listen=8, new connection on 13 Jan 1 17:56:48 netwarrior slapd[2498]: daemon: added 13r Jan 1 17:56:48 netwarrior slapd[2498]: conn=9 fd=13 ACCEPT from IP= 172.16.4.120:53861 (IP=0.0.0.0:636) Jan 1 17:56:48 netwarrior slapd[2498]: daemon: select: listen=7 active_threads=0 tvp=zero Jan 1 17:56:48 netwarrior slapd[2498]: daemon: select: listen=8 active_threads=0 tvp=zero Jan 1 17:56:48 netwarrior slapd[2498]: daemon: activity on 1 descriptor Jan 1 17:56:48 netwarrior slapd[2498]: daemon: activity on: Jan 1 17:56:48 netwarrior slapd[2498]: 13r Jan 1 17:56:48 netwarrior slapd[2498]: Jan 1 17:56:48 netwarrior slapd[2498]: daemon: read active on 13 Jan 1 17:56:48 netwarrior slapd[2498]: connection_get(13) Jan 1 17:56:48 netwarrior slapd[2498]: connection_get(13): got connid=9 Jan 1 17:56:48 netwarrior slapd[2498]: connection_read(13): checking for input on id=9 Jan 1 17:56:48 netwarrior slapd[2498]: daemon: select: listen=7 active_threads=0 tvp=zero Jan 1 17:56:48 netwarrior slapd[2498]: daemon: select: listen=8 active_threads=0 tvp=zero Jan 1 17:56:48 netwarrior slapd[2498]: daemon: activity on 1 descriptor Jan 1 17:56:48 netwarrior slapd[2498]: daemon: activity on: Jan 1 17:56:48 netwarrior slapd[2498]: 13r Jan 1 17:56:48 netwarrior slapd[2498]: Jan 1 17:56:48 netwarrior slapd[2498]: daemon: read active on 13 Jan 1 17:56:48 netwarrior slapd[2498]: connection_get(13) Jan 1 17:56:48 netwarrior slapd[2498]: connection_get(13): got connid=9 Jan 1 17:56:48 netwarrior slapd[2498]: connection_read(13): checking for input on id=9 Jan 1 17:56:48 netwarrior slapd[2498]: connection_read(13): unable to get TLS client DN, error=49 id=9 Jan 1 17:56:48 netwarrior slapd[2498]: conn=9 fd=13 TLS established tls_ssf=256 ssf=256 Jan 1 17:56:48 netwarrior slapd[2498]: daemon: select: listen=7 active_threads=0 tvp=zero Jan 1 17:56:48 netwarrior slapd[2498]: daemon: select: listen=8 active_threads=0 tvp=zero Jan 1 17:56:48 netwarrior slapd[2498]: daemon: activity on 1 descriptor Jan 1 17:56:48 netwarrior slapd[2498]: daemon: activity on: Jan 1 17:56:48 netwarrior slapd[2498]: 13r Jan 1 17:56:48 netwarrior slapd[2498]: Jan 1 17:56:48 netwarrior slapd[2498]: daemon: read active on 13 Jan 1 17:56:48 netwarrior slapd[2498]: connection_get(13) Jan 1 17:56:48 netwarrior slapd[2498]: connection_get(13): got connid=9 Jan 1 17:56:48 netwarrior slapd[2498]: connection_read(13): checking for input on id=9 Jan 1 17:56:48 netwarrior slapd[2498]: do_bind Jan 1 17:56:48 netwarrior slapd[2498]: ber_get_next on fd 13 failed errno=11 (Resource temporarily unavailable) Jan 1 17:56:48 netwarrior slapd[2498]: >>> dnPrettyNormal: <cn=Manager,dc=netwarrior,dc=com,dc=uy> Jan 1 17:56:48 netwarrior slapd[2498]: <<< dnPrettyNormal: <cn=Manager,dc=netwarrior,dc=com,dc=uy>, <cn=manager,dc=netwarrior,dc=com,dc=uy> Jan 1 17:56:48 netwarrior slapd[2498]: do_bind: version=3 dn="cn=Manager,dc=netwarrior,dc=com,dc=uy" method=128 Jan 1 17:56:48 netwarrior slapd[2498]: conn=9 op=0 BIND dn="cn=Manager,dc=netwarrior,dc=com,dc=uy" method=128 Jan 1 17:56:48 netwarrior slapd[2498]: ==> bdb_bind: dn: cn=Manager,dc=netwarrior,dc=com,dc=uy Jan 1 17:56:48 netwarrior slapd[2498]: conn=9 op=0 BIND dn="cn=Manager,dc=netwarrior,dc=com,dc=uy" mech=SIMPLE ssf=0 Jan 1 17:56:48 netwarrior slapd[2498]: do_bind: v3 bind: "cn=Manager,dc=netwarrior,dc=com,dc=uy" to "cn=Manager,dc=netwarrior,dc=com,dc=uy" Jan 1 17:56:48 netwarrior slapd[2498]: send_ldap_result: conn=9 op=0 p=3 Jan 1 17:56:48 netwarrior slapd[2498]: send_ldap_result: err=0 matched="" text="" Jan 1 17:56:48 netwarrior slapd[2498]: send_ldap_response: msgid=1 tag=97 err=0 Jan 1 17:56:48 netwarrior slapd[2498]: conn=9 op=0 RESULT tag=97 err=0 text= Jan 1 17:56:48 netwarrior slapd[2498]: daemon: select: listen=7 active_threads=0 tvp=zero Jan 1 17:56:48 netwarrior slapd[2498]: daemon: select: listen=8 active_threads=0 tvp=zero Jan 1 17:56:48 netwarrior slapd[2498]: daemon: activity on 2 descriptors Jan 1 17:56:48 netwarrior slapd[2498]: daemon: activity on: Jan 1 17:56:48 netwarrior slapd[2498]: 13r Jan 1 17:56:48 netwarrior slapd[2498]: Jan 1 17:56:48 netwarrior slapd[2498]: daemon: read active on 13 Jan 1 17:56:48 netwarrior slapd[2498]: connection_get(13) Jan 1 17:56:48 netwarrior slapd[2498]: connection_get(13): got connid=9 Jan 1 17:56:48 netwarrior slapd[2498]: connection_read(13): checking for input on id=9 Jan 1 17:56:48 netwarrior slapd[2498]: do_search Jan 1 17:56:48 netwarrior slapd[2498]: >>> dnPrettyNormal: <dc=netwarrior,dc=com,dc=uy> Jan 1 17:56:48 netwarrior slapd[2498]: <<< dnPrettyNormal: <dc=netwarrior,dc=com,dc=uy>, <dc=netwarrior,dc=com,dc=uy> Jan 1 17:56:48 netwarrior slapd[2498]: SRCH "dc=netwarrior,dc=com,dc=uy" 2 0 Jan 1 17:56:48 netwarrior slapd[2498]: 1 0 0 Jan 1 17:56:48 netwarrior slapd[2498]: begin get_filter Jan 1 17:56:48 netwarrior slapd[2498]: AND Jan 1 17:56:48 netwarrior slapd[2498]: begin get_filter_list Jan 1 17:56:48 netwarrior slapd[2498]: begin get_filter Jan 1 17:56:48 netwarrior slapd[2498]: EQUALITY Jan 1 17:56:48 netwarrior slapd[2498]: end get_filter 0 Jan 1 17:56:48 netwarrior slapd[2498]: begin get_filter Jan 1 17:56:48 netwarrior slapd[2498]: EQUALITY Jan 1 17:56:48 netwarrior slapd[2498]: end get_filter 0 Jan 1 17:56:48 netwarrior slapd[2498]: end get_filter_list Jan 1 17:56:48 netwarrior slapd[2498]: end get_filter 0 Jan 1 17:56:48 netwarrior slapd[2498]: filter: (&(objectClass=ipHost)(ipHostNumber=172.16.4.100)) Jan 1 17:56:48 netwarrior slapd[2498]: attrs: Jan 1 17:56:48 netwarrior slapd[2498]: cn Jan 1 17:56:48 netwarrior slapd[2498]: ipHostNumber Jan 1 17:56:48 netwarrior slapd[2498]: Jan 1 17:56:48 netwarrior slapd[2498]: conn=9 op=1 SRCH base="dc=netwarrior,dc=com,dc=uy" scope=2 deref=0 filter="(&(objectClass=ipHost)(ipHostNumber=172.16.4.100))" Jan 1 17:56:48 netwarrior slapd[2498]: conn=9 op=1 SRCH attr=cn ipHostNumber Jan 1 17:56:48 netwarrior slapd[2498]: => bdb_search Jan 1 17:56:48 netwarrior slapd[2498]: bdb_dn2entry("dc=netwarrior,dc=com,dc=uy") Jan 1 17:56:48 netwarrior slapd[2498]: => bdb_dn2id("dc=netwarrior,dc=com,dc=uy") Jan 1 17:56:48 netwarrior slapd[2498]: <= bdb_dn2id: got id=0x00000001 Jan 1 17:56:48 netwarrior slapd[2498]: entry_decode: "dc=netwarrior,dc=com,dc=uy" Jan 1 17:56:48 netwarrior slapd[2498]: <= entry_decode(dc=netwarrior,dc=com,dc=uy) Jan 1 17:56:48 netwarrior slapd[2498]: search_candidates: base="dc=netwarrior,dc=com,dc=uy" (0x00000001) scope=2 Jan 1 17:56:48 netwarrior slapd[2498]: => bdb_dn2idl("dc=netwarrior,dc=com,dc=uy") Jan 1 17:56:48 netwarrior slapd[2498]: => bdb_filter_candidates Jan 1 17:56:48 netwarrior slapd[2498]: AND Jan 1 17:56:48 netwarrior slapd[2498]: => bdb_list_candidates 0xa0 Jan 1 17:56:48 netwarrior slapd[2498]: => bdb_filter_candidates Jan 1 17:56:48 netwarrior slapd[2498]: OR Jan 1 17:56:48 netwarrior slapd[2498]: => bdb_list_candidates 0xa1 Jan 1 17:56:48 netwarrior slapd[2498]: => bdb_filter_candidates Jan 1 17:56:48 netwarrior slapd[2498]: EQUALITY Jan 1 17:56:48 netwarrior slapd[2498]: => bdb_equality_candidates (objectClass) Jan 1 17:56:48 netwarrior slapd[2498]: => key_read Jan 1 17:56:48 netwarrior slapd[2498]: bdb_idl_fetch_key: [b49d1940] Jan 1 17:56:48 netwarrior slapd[2498]: <= bdb_index_read: failed (-30989) Jan 1 17:56:48 netwarrior slapd[2498]: <= bdb_equality_candidates: id=0, first=0, last=0 Jan 1 17:56:48 netwarrior slapd[2498]: => bdb_filter_candidates Jan 1 17:56:48 netwarrior slapd[2498]: AND Jan 1 17:56:48 netwarrior slapd[2498]: => bdb_list_candidates 0xa0 Jan 1 17:56:48 netwarrior slapd[2498]: => bdb_filter_candidates Jan 1 17:56:48 netwarrior slapd[2498]: EQUALITY Jan 1 17:56:48 netwarrior slapd[2498]: => bdb_equality_candidates (objectClass) Jan 1 17:56:48 netwarrior slapd[2498]: => key_read Jan 1 17:56:48 netwarrior slapd[2498]: bdb_idl_fetch_key: [7ec2180d] Jan 1 17:56:48 netwarrior slapd[2498]: <= bdb_index_read: failed (-30989) Jan 1 17:56:48 netwarrior slapd[2498]: <= bdb_equality_candidates: id=0, first=0, last=0 Jan 1 17:56:48 netwarrior slapd[2498]: <= bdb_filter_candidates: id=0 first=0 last=0 Jan 1 17:56:48 netwarrior slapd[2498]: <= bdb_list_candidates: id=0 first=0 last=0 Jan 1 17:56:48 netwarrior slapd[2498]: <= bdb_filter_candidates: id=0 first=0 last=0 Jan 1 17:56:48 netwarrior slapd[2498]: <= bdb_list_candidates: id=0 first=0 last=0 Jan 1 17:56:48 netwarrior slapd[2498]: <= bdb_filter_candidates: id=0 first=0 last=0 Jan 1 17:56:48 netwarrior slapd[2498]: <= bdb_list_candidates: id=0 first=1 last=0 Jan 1 17:56:48 netwarrior slapd[2498]: <= bdb_filter_candidates: id=0 first=1 last=0 Jan 1 17:56:48 netwarrior slapd[2498]: ber_get_next on fd 13 failed errno=11 (Resource temporarily unavailable) Jan 1 17:56:48 netwarrior slapd[2498]: daemon: select: listen=7 active_threads=0 tvp=zero Jan 1 17:56:48 netwarrior slapd[2498]: daemon: select: listen=8 active_threads=0 tvp=zero Jan 1 17:56:48 netwarrior slapd[2498]: bdb_search_candidates: id=0 first=1 last=0 Jan 1 17:56:48 netwarrior slapd[2498]: bdb_search: no candidates Jan 1 17:56:48 netwarrior slapd[2498]: send_ldap_result: conn=9 op=1 p=3 Jan 1 17:56:48 netwarrior slapd[2498]: send_ldap_result: err=0 matched="" text="" Jan 1 17:56:48 netwarrior slapd[2498]: send_ldap_response: msgid=2 tag=101 err=0 Jan 1 17:56:48 netwarrior slapd[2498]: conn=9 op=1 SEARCH RESULT tag=101 err=0 nentries=0 text= Jan 1 17:56:50 netwarrior slapd[2498]: daemon: activity on 1 descriptor Jan 1 17:56:50 netwarrior slapd[2498]: daemon: activity on: Jan 1 17:56:50 netwarrior slapd[2498]: daemon: listen=8, new connection on 15 Jan 1 17:56:50 netwarrior slapd[2498]: daemon: added 15r Jan 1 17:56:50 netwarrior slapd[2498]: conn=10 fd=15 ACCEPT from IP= 172.16.4.120:53862 (IP=0.0.0.0:636) Jan 1 17:56:50 netwarrior slapd[2498]: daemon: select: listen=7 active_threads=0 tvp=zero Jan 1 17:56:50 netwarrior slapd[2498]: daemon: select: listen=8 active_threads=0 tvp=zero Jan 1 17:56:50 netwarrior slapd[2498]: daemon: activity on 1 descriptor Jan 1 17:56:50 netwarrior slapd[2498]: daemon: activity on: Jan 1 17:56:50 netwarrior slapd[2498]: 15r Jan 1 17:56:50 netwarrior slapd[2498]: Jan 1 17:56:50 netwarrior slapd[2498]: daemon: read active on 15 Jan 1 17:56:50 netwarrior slapd[2498]: connection_get(15) Jan 1 17:56:50 netwarrior slapd[2498]: connection_get(15): got connid=10 Jan 1 17:56:50 netwarrior slapd[2498]: connection_read(15): checking for input on id=10 Jan 1 17:56:50 netwarrior slapd[2498]: daemon: select: listen=7 active_threads=0 tvp=zero Jan 1 17:56:50 netwarrior slapd[2498]: daemon: select: listen=8 active_threads=0 tvp=zero Jan 1 17:56:50 netwarrior slapd[2498]: daemon: activity on 1 descriptor Jan 1 17:56:50 netwarrior slapd[2498]: daemon: activity on: Jan 1 17:56:50 netwarrior slapd[2498]: 15r Jan 1 17:56:50 netwarrior slapd[2498]: Jan 1 17:56:50 netwarrior slapd[2498]: daemon: read active on 15 Jan 1 17:56:50 netwarrior slapd[2498]: connection_get(15) Jan 1 17:56:50 netwarrior slapd[2498]: connection_get(15): got connid=10 Jan 1 17:56:50 netwarrior slapd[2498]: connection_read(15): checking for input on id=10 Jan 1 17:56:50 netwarrior slapd[2498]: connection_read(15): unable to get TLS client DN, error=49 id=10 Jan 1 17:56:50 netwarrior slapd[2498]: conn=10 fd=15 TLS established tls_ssf=256 ssf=256 Jan 1 17:56:50 netwarrior slapd[2498]: daemon: select: listen=7 active_threads=0 tvp=zero Jan 1 17:56:50 netwarrior slapd[2498]: daemon: select: listen=8 active_threads=0 tvp=zero Jan 1 17:56:50 netwarrior slapd[2498]: daemon: activity on 1 descriptor Jan 1 17:56:50 netwarrior slapd[2498]: daemon: activity on: Jan 1 17:56:50 netwarrior slapd[2498]: 15r Jan 1 17:56:50 netwarrior slapd[2498]: Jan 1 17:56:50 netwarrior slapd[2498]: daemon: read active on 15 Jan 1 17:56:50 netwarrior slapd[2498]: connection_get(15) Jan 1 17:56:50 netwarrior slapd[2498]: connection_get(15): got connid=10 Jan 1 17:56:50 netwarrior slapd[2498]: connection_read(15): checking for input on id=10 Jan 1 17:56:50 netwarrior slapd[2498]: do_bind Jan 1 17:56:50 netwarrior slapd[2498]: ber_get_next on fd 15 failed errno=11 (Resource temporarily unavailable) Jan 1 17:56:50 netwarrior slapd[2498]: >>> dnPrettyNormal: <cn=Manager,dc=netwarrior,dc=com,dc=uy> Jan 1 17:56:50 netwarrior slapd[2498]: <<< dnPrettyNormal: <cn=Manager,dc=netwarrior,dc=com,dc=uy>, <cn=manager,dc=netwarrior,dc=com,dc=uy> Jan 1 17:56:50 netwarrior slapd[2498]: do_bind: version=3 dn="cn=Manager,dc=netwarrior,dc=com,dc=uy" method=128 Jan 1 17:56:50 netwarrior slapd[2498]: conn=10 op=0 BIND dn="cn=Manager,dc=netwarrior,dc=com,dc=uy" method=128 Jan 1 17:56:50 netwarrior slapd[2498]: ==> bdb_bind: dn: cn=Manager,dc=netwarrior,dc=com,dc=uy Jan 1 17:56:50 netwarrior slapd[2498]: conn=10 op=0 BIND dn="cn=Manager,dc=netwarrior,dc=com,dc=uy" mech=SIMPLE ssf=0 Jan 1 17:56:50 netwarrior slapd[2498]: do_bind: v3 bind: "cn=Manager,dc=netwarrior,dc=com,dc=uy" to "cn=Manager,dc=netwarrior,dc=com,dc=uy" Jan 1 17:56:50 netwarrior slapd[2498]: send_ldap_result: conn=10 op=0 p=3 Jan 1 17:56:50 netwarrior slapd[2498]: send_ldap_result: err=0 matched="" text="" Jan 1 17:56:50 netwarrior slapd[2498]: send_ldap_response: msgid=1 tag=97 err=0 Jan 1 17:56:50 netwarrior slapd[2498]: conn=10 op=0 RESULT tag=97 err=0 text= Jan 1 17:56:50 netwarrior slapd[2498]: daemon: select: listen=7 active_threads=0 tvp=zero Jan 1 17:56:50 netwarrior slapd[2498]: daemon: select: listen=8 active_threads=0 tvp=zero Jan 1 17:56:50 netwarrior slapd[2498]: daemon: activity on 2 descriptors Jan 1 17:56:50 netwarrior slapd[2498]: daemon: activity on: Jan 1 17:56:50 netwarrior slapd[2498]: 15r Jan 1 17:56:50 netwarrior slapd[2498]: Jan 1 17:56:50 netwarrior slapd[2498]: daemon: read active on 15 Jan 1 17:56:50 netwarrior slapd[2498]: connection_get(15) Jan 1 17:56:50 netwarrior slapd[2498]: connection_get(15): got connid=10 Jan 1 17:56:50 netwarrior slapd[2498]: connection_read(15): checking for input on id=10 Jan 1 17:56:50 netwarrior slapd[2498]: do_search Jan 1 17:56:50 netwarrior slapd[2498]: >>> dnPrettyNormal: <dc=netwarrior,dc=com,dc=uy> Jan 1 17:56:50 netwarrior slapd[2498]: <<< dnPrettyNormal: <dc=netwarrior,dc=com,dc=uy>, <dc=netwarrior,dc=com,dc=uy> Jan 1 17:56:50 netwarrior slapd[2498]: SRCH "dc=netwarrior,dc=com,dc=uy" 2 0 Jan 1 17:56:50 netwarrior slapd[2498]: 1 0 0 Jan 1 17:56:50 netwarrior slapd[2498]: begin get_filter Jan 1 17:56:50 netwarrior slapd[2498]: EQUALITY Jan 1 17:56:50 netwarrior slapd[2498]: end get_filter 0 Jan 1 17:56:50 netwarrior slapd[2498]: filter: (uid=pablo) Jan 1 17:56:50 netwarrior slapd[2498]: attrs: Jan 1 17:56:50 netwarrior slapd[2498]: Jan 1 17:56:50 netwarrior slapd[2498]: conn=10 op=1 SRCH base="dc=netwarrior,dc=com,dc=uy" scope=2 deref=0 filter="(uid=pablo)" Jan 1 17:56:50 netwarrior slapd[2498]: => bdb_search Jan 1 17:56:50 netwarrior slapd[2498]: bdb_dn2entry("dc=netwarrior,dc=com,dc=uy") Jan 1 17:56:50 netwarrior slapd[2498]: search_candidates: base="dc=netwarrior,dc=com,dc=uy" (0x00000001) scope=2 Jan 1 17:56:50 netwarrior slapd[2498]: => bdb_dn2idl("dc=netwarrior,dc=com,dc=uy") Jan 1 17:56:50 netwarrior slapd[2498]: => bdb_filter_candidates Jan 1 17:56:50 netwarrior slapd[2498]: AND Jan 1 17:56:50 netwarrior slapd[2498]: => bdb_list_candidates 0xa0 Jan 1 17:56:50 netwarrior slapd[2498]: => bdb_filter_candidates Jan 1 17:56:50 netwarrior slapd[2498]: do_bind Jan 1 17:56:50 netwarrior slapd[2498]: conn=10 op=2 BIND anonymous mech=implicit ssf=0 Jan 1 17:56:50 netwarrior slapd[2498]: => get_ctrls Jan 1 17:56:50 netwarrior slapd[2498]: => get_ctrls: oid=" 1.3.6.1.4.1.42.2.27.8.5.1" (noncritical) Jan 1 17:56:50 netwarrior slapd[2498]: <= get_ctrls: n=1 rc=0 err="" Jan 1 17:56:50 netwarrior slapd[2498]: >>> dnPrettyNormal: <uid=pablo,ou=Users,dc=netwarrior,dc=com,dc=uy> Jan 1 17:56:50 netwarrior slapd[2498]: <<< dnPrettyNormal: <uid=pablo,ou=Users,dc=netwarrior,dc=com,dc=uy>, <uid=pablo,ou=users,dc=netwarrior,dc=com,dc=uy> Jan 1 17:56:50 netwarrior slapd[2498]: do_bind: version=3 dn="uid=pablo,ou=Users,dc=netwarrior,dc=com,dc=uy" method=128 Jan 1 17:56:50 netwarrior slapd[2498]: conn=10 op=2 BIND dn="uid=pablo,ou=Users,dc=netwarrior,dc=com,dc=uy" method=128 Jan 1 17:56:50 netwarrior slapd[2498]: slap_global_control: unavailable control: 1.3.6.1.4.1.42.2.27.8.5.1 Jan 1 17:56:50 netwarrior slapd[2498]: ==> bdb_bind: dn: uid=pablo,ou=Users,dc=netwarrior,dc=com,dc=uy Jan 1 17:56:50 netwarrior slapd[2498]: bdb_dn2entry("uid=pablo,ou=users,dc=netwarrior,dc=com,dc=uy") Jan 1 17:56:50 netwarrior slapd[2498]: daemon: select: listen=7 active_threads=0 tvp=zero Jan 1 17:56:50 netwarrior slapd[2498]: daemon: select: listen=8 active_threads=0 tvp=zero Jan 1 17:56:50 netwarrior slapd[2498]: daemon: activity on 1 descriptor Jan 1 17:56:50 netwarrior slapd[2498]: daemon: activity on: Jan 1 17:56:50 netwarrior slapd[2498]: Jan 1 17:56:50 netwarrior slapd[2498]: daemon: select: listen=7 active_threads=0 tvp=zero Jan 1 17:56:50 netwarrior slapd[2498]: daemon: select: listen=8 active_threads=0 tvp=zero Jan 1 17:56:50 netwarrior slapd[2498]: => access_allowed: auth access to "uid=pablo,ou=Users,dc=netwarrior,dc=com,dc=uy" "userPassword" requested Jan 1 17:56:50 netwarrior slapd[2498]: => acl_get: [1] attr userPassword Jan 1 17:56:50 netwarrior slapd[2498]: access_allowed: no res from state (userPassword) Jan 1 17:56:50 netwarrior slapd[2498]: => acl_mask: access to entry "uid=pablo,ou=Users,dc=netwarrior,dc=com,dc=uy", attr "userPassword" requested Jan 1 17:56:50 netwarrior slapd[2498]: => acl_mask: to value by "", (=0) Jan 1 17:56:50 netwarrior slapd[2498]: <= acl_mask: [1] mask: =0 Jan 1 17:56:50 netwarrior slapd[2498]: => access_allowed: auth access denied by =0 Jan 1 17:56:50 netwarrior slapd[2498]: send_ldap_result: conn=10 op=2 p=3 Jan 1 17:56:50 netwarrior slapd[2498]: send_ldap_result: err=49 matched="" text="" Jan 1 17:56:50 netwarrior slapd[2498]: send_ldap_response: msgid=3 tag=97 err=49 Jan 1 17:56:50 netwarrior sshd[2554]: pam_ldap: error trying to bind as user "uid=pablo,ou=Users,dc=netwarrior,dc=com,dc=uy" (Invalid credentials) Jan 1 17:56:50 netwarrior slapd[2498]: conn=10 op=2 RESULT tag=97 err=49 text= Jan 1 17:56:50 netwarrior slapd[2498]: daemon: activity on 1 descriptor Jan 1 17:56:50 netwarrior slapd[2498]: daemon: activity on: Jan 1 17:56:50 netwarrior slapd[2498]: 15r Jan 1 17:56:50 netwarrior slapd[2498]: Jan 1 17:56:50 netwarrior slapd[2498]: daemon: read active on 15 Jan 1 17:56:50 netwarrior slapd[2498]: connection_get(15) Jan 1 17:56:50 netwarrior slapd[2498]: connection_get(15): got connid=10 Jan 1 17:56:50 netwarrior slapd[2498]: connection_read(15): checking for input on id=10 Jan 1 17:56:50 netwarrior slapd[2498]: do_bind Jan 1 17:56:50 netwarrior slapd[2498]: ber_get_next on fd 15 failed errno=11 (Resource temporarily unavailable) Jan 1 17:56:50 netwarrior slapd[2498]: >>> dnPrettyNormal: <cn=Manager,dc=netwarrior,dc=com,dc=uy> Jan 1 17:56:50 netwarrior slapd[2498]: <<< dnPrettyNormal: <cn=Manager,dc=netwarrior,dc=com,dc=uy>, <cn=manager,dc=netwarrior,dc=com,dc=uy> Jan 1 17:56:50 netwarrior slapd[2498]: do_bind: version=3 dn="cn=Manager,dc=netwarrior,dc=com,dc=uy" method=128 Jan 1 17:56:50 netwarrior slapd[2498]: conn=10 op=3 BIND dn="cn=Manager,dc=netwarrior,dc=com,dc=uy" method=128 Jan 1 17:56:50 netwarrior slapd[2498]: ==> bdb_bind: dn: cn=Manager,dc=netwarrior,dc=com,dc=uy Jan 1 17:56:50 netwarrior slapd[2498]: conn=10 op=3 BIND dn="cn=Manager,dc=netwarrior,dc=com,dc=uy" mech=SIMPLE ssf=0 Any idea how can I solve this? what am I doing wrong?, is there a way to limit a range of IP using regex? Thanks in advance Best regards, and happy new year.

15 years, 11 months

1
0
0 / 0

Need help:slapd crashed in syncrepl and mirror mode when deleting entry

by Savithri

Hi, Im using OpenLDAP 2.4.7 and using the mirrormode and syncrepl. My setup has 2 LDAP nodes, one as master and other as slave through a VIP. When the master goes down, the slave will become master and vice-versa. At any point to keep both the LDAP in sync I'm using mirror mode and syncrepl. When one node , say A is up (that is the active node) and the other node B is down, I delete some LDAP entry from node A. THen when i start node B, the slapd on node B crashes and i see a core file also. I have attached the logs (node_A_ldap.out and node_B_ldap.out ) files. Im using the following conf file. database bdb directory $MMAIL_VAR_DIR/ldap/ipu-mail-ldap suffix "o=mereonmail" rootdn "cn=admin,o=mereonmail" rootpw secret index objectClass,entryCSN,entryUUID pres,eq index mail,cn eq,sub overlay syncprov syncprov-checkpoint 100 10 syncprov-sessionlog 100 syncrepl rid=1 provider=ldap://${MMAIL_LDAP_PEER_HOSTNAME}:$MMAIL_LDAP_PORT bindmethod=simple binddn="cn=admin,o=mereonmail" credentials=ipunity filter="(objectClass=*)" searchbase="o=mereonmail" schemachecking=on type=refreshAndPersist interval=00:00:00:01 retry="60 +" mirrormode on serverID $NODE_ID PS: rid= 1 in both node A and node B. provider points to the other peer node. serverId= 1 on Node A and serverId= 2 on Node B Is this is know bug in OpenLDAP2.4.7?? Thanks in advance for your help. Savithri --------------------------------- Be a better friend, newshound, and know-it-all with Yahoo! Mobile. Try it now.

15 years, 11 months

2
3
0 / 0

Re: [ldap] Re: OpenLDAP 2.3.39 under HPUX 11.31 online search coredumps

by Gavin Henry

>> 2.3.x should be used with BDB 4.6 > > Should *not*. ;) > Opps, yeah should not.

15 years, 11 months

1
0
0 / 0

write, then read delay with syncrepl/slapo-chain ?

by Peter Mogensen

Hi, I haev a quick question which I haven't been able to find an answer to in the docs: I have a slapd master with a couple of slaves (syncrepl refreshAndPersist). I can get updates to be diverted to the master with the chain overlay, but as the FAQ says there'll be a small delay before the changes are replicated back to the slaves. Is there anyway to automatically direct subsequent reads of the changed attributes to the master? Else I guess I'll have to implement referral chasing logic in the client so it doesn't try to read from the slave immediately after writing (and getting a referral). regards, Peter

15 years, 11 months

3
6
0 / 0

Overlay chain formatting

by Justin Lambert

I have spent the last week off and on trying to figure out why my chain overlay was not working correctly. I tried all combinations of it that I could find and finally found out that the parser of the slapd.conf file is picky about spacing. I was trying to make my config file look nice by indenting the options under "overlay chain" only to find after many frustrating hours that you cannot do that! I didn't find anywhere that that was explicitly documented (even though all of the examples were not formatted that way). I finally caught it when I upgraded to 2.4.7 wondering if there was a bug and slaptest gave a very unhelpful error, but it did help me narrow it down. Hopefully this will save someone my same frustrations. Incorrect way: overlay chain chain-uri "ldap://host" chain-rebind-as-user TRUE chain-idassert-bind bindmethod="simple" binddn="binduser" credentials="secret" mode="self" chain-return-error TRUE Correct way: overlay chain chain-uri "ldap://host" chain-rebind-as-user TRUE chain-idassert-bind bindmethod="simple" binddn="binduser" credentials="secret" mode="self" chain-return-error TRUE Justin

15 years, 11 months

4
4
0 / 0

back-sql

by Taymour A. El Erian

Hi, The man pages says that back-sql is experimental, does this mean it should not be used in production environment ? -- Taymour A El Erian System Division Manager RHCE, LPIC, CCNA, MCSE, CNA TE Data E-mail: taymour.elerian(a)tedata.net Web: www.tedata.net Tel: +(202)-33320700 Fax: +(202)-33320800 Ext: 1101

15 years, 11 months

2
1
0 / 0

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

openldap-software January 2008