Hi there guys, I've got the following configuration with slapd 2.3.19
My aim is to restric user depending on their IP and group, well, this configuration doesn't work, and this is the first ACL in slapd.conf
access to attrs=userPassword,shadowLastChange by peername.ip=172.16.4.100%255.255.0.0 set="([uid=] + ([cn=Domain Users,ou=Groups,dc=netwarrior,dc=com,dc=uy])" auth by users write by * none
This one Does
access to attrs=userPassword,shadowLastChange by peername.regex=172.16.4..* set="([uid=] + ([cn=Domain Users,ou=Groups,dc=netwarrior,dc=com,dc=uy])" auth by users write by * none
Whay is this, I do not know, but is not the real problem, cuz as long as I know, with regex I cannot tell which range of IP to limit like with peername.ip, I want to do this peername.ip=192.168.1.16%255.255.255.240.
what's worst this doesn't even work by peername.ip=172.16.4.100 auth
This is the log, trying to connect via secure shell using this ACL by peername.ip=172.16.4.100%255.255.0.0 set="([uid=] + ([cn=Domain Users,ou=Groups,dc=netwarrior,dc=com,dc=uy])" auth
Jan 1 17:56:48 netwarrior slapd[2498]: daemon: activity on: Jan 1 17:56:48 netwarrior slapd[2498]: Jan 1 17:56:48 netwarrior slapd[2498]: daemon: listen=8, new connection on 13 Jan 1 17:56:48 netwarrior slapd[2498]: daemon: added 13r Jan 1 17:56:48 netwarrior slapd[2498]: conn=9 fd=13 ACCEPT from IP= 172.16.4.120:53861 (IP=0.0.0.0:636) Jan 1 17:56:48 netwarrior slapd[2498]: daemon: select: listen=7 active_threads=0 tvp=zero Jan 1 17:56:48 netwarrior slapd[2498]: daemon: select: listen=8 active_threads=0 tvp=zero Jan 1 17:56:48 netwarrior slapd[2498]: daemon: activity on 1 descriptor Jan 1 17:56:48 netwarrior slapd[2498]: daemon: activity on: Jan 1 17:56:48 netwarrior slapd[2498]: 13r Jan 1 17:56:48 netwarrior slapd[2498]: Jan 1 17:56:48 netwarrior slapd[2498]: daemon: read active on 13 Jan 1 17:56:48 netwarrior slapd[2498]: connection_get(13) Jan 1 17:56:48 netwarrior slapd[2498]: connection_get(13): got connid=9 Jan 1 17:56:48 netwarrior slapd[2498]: connection_read(13): checking for input on id=9 Jan 1 17:56:48 netwarrior slapd[2498]: daemon: select: listen=7 active_threads=0 tvp=zero Jan 1 17:56:48 netwarrior slapd[2498]: daemon: select: listen=8 active_threads=0 tvp=zero Jan 1 17:56:48 netwarrior slapd[2498]: daemon: activity on 1 descriptor Jan 1 17:56:48 netwarrior slapd[2498]: daemon: activity on: Jan 1 17:56:48 netwarrior slapd[2498]: 13r Jan 1 17:56:48 netwarrior slapd[2498]: Jan 1 17:56:48 netwarrior slapd[2498]: daemon: read active on 13 Jan 1 17:56:48 netwarrior slapd[2498]: connection_get(13) Jan 1 17:56:48 netwarrior slapd[2498]: connection_get(13): got connid=9 Jan 1 17:56:48 netwarrior slapd[2498]: connection_read(13): checking for input on id=9 Jan 1 17:56:48 netwarrior slapd[2498]: connection_read(13): unable to get TLS client DN, error=49 id=9 Jan 1 17:56:48 netwarrior slapd[2498]: conn=9 fd=13 TLS established tls_ssf=256 ssf=256
Jan 1 17:56:48 netwarrior slapd[2498]: daemon: select: listen=7 active_threads=0 tvp=zero Jan 1 17:56:48 netwarrior slapd[2498]: daemon: select: listen=8 active_threads=0 tvp=zero Jan 1 17:56:48 netwarrior slapd[2498]: daemon: activity on 1 descriptor Jan 1 17:56:48 netwarrior slapd[2498]: daemon: activity on: Jan 1 17:56:48 netwarrior slapd[2498]: 13r Jan 1 17:56:48 netwarrior slapd[2498]: Jan 1 17:56:48 netwarrior slapd[2498]: daemon: read active on 13 Jan 1 17:56:48 netwarrior slapd[2498]: connection_get(13) Jan 1 17:56:48 netwarrior slapd[2498]: connection_get(13): got connid=9 Jan 1 17:56:48 netwarrior slapd[2498]: connection_read(13): checking for input on id=9 Jan 1 17:56:48 netwarrior slapd[2498]: do_bind Jan 1 17:56:48 netwarrior slapd[2498]: ber_get_next on fd 13 failed errno=11 (Resource temporarily unavailable) Jan 1 17:56:48 netwarrior slapd[2498]: >>> dnPrettyNormal: <cn=Manager,dc=netwarrior,dc=com,dc=uy> Jan 1 17:56:48 netwarrior slapd[2498]: <<< dnPrettyNormal: <cn=Manager,dc=netwarrior,dc=com,dc=uy>, <cn=manager,dc=netwarrior,dc=com,dc=uy> Jan 1 17:56:48 netwarrior slapd[2498]: do_bind: version=3 dn="cn=Manager,dc=netwarrior,dc=com,dc=uy" method=128 Jan 1 17:56:48 netwarrior slapd[2498]: conn=9 op=0 BIND dn="cn=Manager,dc=netwarrior,dc=com,dc=uy" method=128 Jan 1 17:56:48 netwarrior slapd[2498]: ==> bdb_bind: dn: cn=Manager,dc=netwarrior,dc=com,dc=uy Jan 1 17:56:48 netwarrior slapd[2498]: conn=9 op=0 BIND dn="cn=Manager,dc=netwarrior,dc=com,dc=uy" mech=SIMPLE ssf=0 Jan 1 17:56:48 netwarrior slapd[2498]: do_bind: v3 bind: "cn=Manager,dc=netwarrior,dc=com,dc=uy" to "cn=Manager,dc=netwarrior,dc=com,dc=uy" Jan 1 17:56:48 netwarrior slapd[2498]: send_ldap_result: conn=9 op=0 p=3 Jan 1 17:56:48 netwarrior slapd[2498]: send_ldap_result: err=0 matched="" text="" Jan 1 17:56:48 netwarrior slapd[2498]: send_ldap_response: msgid=1 tag=97 err=0
Jan 1 17:56:48 netwarrior slapd[2498]: conn=9 op=0 RESULT tag=97 err=0 text= Jan 1 17:56:48 netwarrior slapd[2498]: daemon: select: listen=7 active_threads=0 tvp=zero Jan 1 17:56:48 netwarrior slapd[2498]: daemon: select: listen=8 active_threads=0 tvp=zero Jan 1 17:56:48 netwarrior slapd[2498]: daemon: activity on 2 descriptors Jan 1 17:56:48 netwarrior slapd[2498]: daemon: activity on: Jan 1 17:56:48 netwarrior slapd[2498]: 13r Jan 1 17:56:48 netwarrior slapd[2498]: Jan 1 17:56:48 netwarrior slapd[2498]: daemon: read active on 13 Jan 1 17:56:48 netwarrior slapd[2498]: connection_get(13) Jan 1 17:56:48 netwarrior slapd[2498]: connection_get(13): got connid=9 Jan 1 17:56:48 netwarrior slapd[2498]: connection_read(13): checking for input on id=9 Jan 1 17:56:48 netwarrior slapd[2498]: do_search Jan 1 17:56:48 netwarrior slapd[2498]: >>> dnPrettyNormal: <dc=netwarrior,dc=com,dc=uy> Jan 1 17:56:48 netwarrior slapd[2498]: <<< dnPrettyNormal: <dc=netwarrior,dc=com,dc=uy>, <dc=netwarrior,dc=com,dc=uy> Jan 1 17:56:48 netwarrior slapd[2498]: SRCH "dc=netwarrior,dc=com,dc=uy" 2 0 Jan 1 17:56:48 netwarrior slapd[2498]: 1 0 0 Jan 1 17:56:48 netwarrior slapd[2498]: begin get_filter Jan 1 17:56:48 netwarrior slapd[2498]: AND Jan 1 17:56:48 netwarrior slapd[2498]: begin get_filter_list Jan 1 17:56:48 netwarrior slapd[2498]: begin get_filter Jan 1 17:56:48 netwarrior slapd[2498]: EQUALITY Jan 1 17:56:48 netwarrior slapd[2498]: end get_filter 0 Jan 1 17:56:48 netwarrior slapd[2498]: begin get_filter Jan 1 17:56:48 netwarrior slapd[2498]: EQUALITY Jan 1 17:56:48 netwarrior slapd[2498]: end get_filter 0 Jan 1 17:56:48 netwarrior slapd[2498]: end get_filter_list Jan 1 17:56:48 netwarrior slapd[2498]: end get_filter 0 Jan 1 17:56:48 netwarrior slapd[2498]: filter: (&(objectClass=ipHost)(ipHostNumber=172.16.4.100))
Jan 1 17:56:48 netwarrior slapd[2498]: attrs: Jan 1 17:56:48 netwarrior slapd[2498]: cn Jan 1 17:56:48 netwarrior slapd[2498]: ipHostNumber Jan 1 17:56:48 netwarrior slapd[2498]: Jan 1 17:56:48 netwarrior slapd[2498]: conn=9 op=1 SRCH base="dc=netwarrior,dc=com,dc=uy" scope=2 deref=0 filter="(&(objectClass=ipHost)(ipHostNumber=172.16.4.100))" Jan 1 17:56:48 netwarrior slapd[2498]: conn=9 op=1 SRCH attr=cn ipHostNumber Jan 1 17:56:48 netwarrior slapd[2498]: => bdb_search Jan 1 17:56:48 netwarrior slapd[2498]: bdb_dn2entry("dc=netwarrior,dc=com,dc=uy") Jan 1 17:56:48 netwarrior slapd[2498]: => bdb_dn2id("dc=netwarrior,dc=com,dc=uy") Jan 1 17:56:48 netwarrior slapd[2498]: <= bdb_dn2id: got id=0x00000001 Jan 1 17:56:48 netwarrior slapd[2498]: entry_decode: "dc=netwarrior,dc=com,dc=uy" Jan 1 17:56:48 netwarrior slapd[2498]: <= entry_decode(dc=netwarrior,dc=com,dc=uy) Jan 1 17:56:48 netwarrior slapd[2498]: search_candidates: base="dc=netwarrior,dc=com,dc=uy" (0x00000001) scope=2 Jan 1 17:56:48 netwarrior slapd[2498]: => bdb_dn2idl("dc=netwarrior,dc=com,dc=uy") Jan 1 17:56:48 netwarrior slapd[2498]: => bdb_filter_candidates Jan 1 17:56:48 netwarrior slapd[2498]: AND Jan 1 17:56:48 netwarrior slapd[2498]: => bdb_list_candidates 0xa0 Jan 1 17:56:48 netwarrior slapd[2498]: => bdb_filter_candidates Jan 1 17:56:48 netwarrior slapd[2498]: OR Jan 1 17:56:48 netwarrior slapd[2498]: => bdb_list_candidates 0xa1 Jan 1 17:56:48 netwarrior slapd[2498]: => bdb_filter_candidates Jan 1 17:56:48 netwarrior slapd[2498]: EQUALITY Jan 1 17:56:48 netwarrior slapd[2498]: => bdb_equality_candidates (objectClass) Jan 1 17:56:48 netwarrior slapd[2498]: => key_read Jan 1 17:56:48 netwarrior slapd[2498]: bdb_idl_fetch_key: [b49d1940] Jan 1 17:56:48 netwarrior slapd[2498]: <= bdb_index_read: failed (-30989) Jan 1 17:56:48 netwarrior slapd[2498]: <= bdb_equality_candidates: id=0, first=0, last=0
Jan 1 17:56:48 netwarrior slapd[2498]: => bdb_filter_candidates Jan 1 17:56:48 netwarrior slapd[2498]: AND Jan 1 17:56:48 netwarrior slapd[2498]: => bdb_list_candidates 0xa0 Jan 1 17:56:48 netwarrior slapd[2498]: => bdb_filter_candidates Jan 1 17:56:48 netwarrior slapd[2498]: EQUALITY Jan 1 17:56:48 netwarrior slapd[2498]: => bdb_equality_candidates (objectClass) Jan 1 17:56:48 netwarrior slapd[2498]: => key_read Jan 1 17:56:48 netwarrior slapd[2498]: bdb_idl_fetch_key: [7ec2180d] Jan 1 17:56:48 netwarrior slapd[2498]: <= bdb_index_read: failed (-30989) Jan 1 17:56:48 netwarrior slapd[2498]: <= bdb_equality_candidates: id=0, first=0, last=0 Jan 1 17:56:48 netwarrior slapd[2498]: <= bdb_filter_candidates: id=0 first=0 last=0 Jan 1 17:56:48 netwarrior slapd[2498]: <= bdb_list_candidates: id=0 first=0 last=0 Jan 1 17:56:48 netwarrior slapd[2498]: <= bdb_filter_candidates: id=0 first=0 last=0 Jan 1 17:56:48 netwarrior slapd[2498]: <= bdb_list_candidates: id=0 first=0 last=0 Jan 1 17:56:48 netwarrior slapd[2498]: <= bdb_filter_candidates: id=0 first=0 last=0 Jan 1 17:56:48 netwarrior slapd[2498]: <= bdb_list_candidates: id=0 first=1 last=0 Jan 1 17:56:48 netwarrior slapd[2498]: <= bdb_filter_candidates: id=0 first=1 last=0 Jan 1 17:56:48 netwarrior slapd[2498]: ber_get_next on fd 13 failed errno=11 (Resource temporarily unavailable) Jan 1 17:56:48 netwarrior slapd[2498]: daemon: select: listen=7 active_threads=0 tvp=zero Jan 1 17:56:48 netwarrior slapd[2498]: daemon: select: listen=8 active_threads=0 tvp=zero Jan 1 17:56:48 netwarrior slapd[2498]: bdb_search_candidates: id=0 first=1 last=0 Jan 1 17:56:48 netwarrior slapd[2498]: bdb_search: no candidates Jan 1 17:56:48 netwarrior slapd[2498]: send_ldap_result: conn=9 op=1 p=3 Jan 1 17:56:48 netwarrior slapd[2498]: send_ldap_result: err=0 matched="" text="" Jan 1 17:56:48 netwarrior slapd[2498]: send_ldap_response: msgid=2 tag=101 err=0 Jan 1 17:56:48 netwarrior slapd[2498]: conn=9 op=1 SEARCH RESULT tag=101 err=0 nentries=0 text= Jan 1 17:56:50 netwarrior slapd[2498]: daemon: activity on 1 descriptor Jan 1 17:56:50 netwarrior slapd[2498]: daemon: activity on:
Jan 1 17:56:50 netwarrior slapd[2498]: daemon: listen=8, new connection on 15 Jan 1 17:56:50 netwarrior slapd[2498]: daemon: added 15r Jan 1 17:56:50 netwarrior slapd[2498]: conn=10 fd=15 ACCEPT from IP= 172.16.4.120:53862 (IP=0.0.0.0:636) Jan 1 17:56:50 netwarrior slapd[2498]: daemon: select: listen=7 active_threads=0 tvp=zero Jan 1 17:56:50 netwarrior slapd[2498]: daemon: select: listen=8 active_threads=0 tvp=zero Jan 1 17:56:50 netwarrior slapd[2498]: daemon: activity on 1 descriptor Jan 1 17:56:50 netwarrior slapd[2498]: daemon: activity on: Jan 1 17:56:50 netwarrior slapd[2498]: 15r Jan 1 17:56:50 netwarrior slapd[2498]: Jan 1 17:56:50 netwarrior slapd[2498]: daemon: read active on 15 Jan 1 17:56:50 netwarrior slapd[2498]: connection_get(15) Jan 1 17:56:50 netwarrior slapd[2498]: connection_get(15): got connid=10 Jan 1 17:56:50 netwarrior slapd[2498]: connection_read(15): checking for input on id=10 Jan 1 17:56:50 netwarrior slapd[2498]: daemon: select: listen=7 active_threads=0 tvp=zero Jan 1 17:56:50 netwarrior slapd[2498]: daemon: select: listen=8 active_threads=0 tvp=zero Jan 1 17:56:50 netwarrior slapd[2498]: daemon: activity on 1 descriptor Jan 1 17:56:50 netwarrior slapd[2498]: daemon: activity on: Jan 1 17:56:50 netwarrior slapd[2498]: 15r Jan 1 17:56:50 netwarrior slapd[2498]: Jan 1 17:56:50 netwarrior slapd[2498]: daemon: read active on 15 Jan 1 17:56:50 netwarrior slapd[2498]: connection_get(15) Jan 1 17:56:50 netwarrior slapd[2498]: connection_get(15): got connid=10 Jan 1 17:56:50 netwarrior slapd[2498]: connection_read(15): checking for input on id=10 Jan 1 17:56:50 netwarrior slapd[2498]: connection_read(15): unable to get TLS client DN, error=49 id=10 Jan 1 17:56:50 netwarrior slapd[2498]: conn=10 fd=15 TLS established tls_ssf=256 ssf=256 Jan 1 17:56:50 netwarrior slapd[2498]: daemon: select: listen=7 active_threads=0 tvp=zero Jan 1 17:56:50 netwarrior slapd[2498]: daemon: select: listen=8 active_threads=0 tvp=zero Jan 1 17:56:50 netwarrior slapd[2498]: daemon: activity on 1 descriptor Jan 1 17:56:50 netwarrior slapd[2498]: daemon: activity on:
Jan 1 17:56:50 netwarrior slapd[2498]: 15r Jan 1 17:56:50 netwarrior slapd[2498]: Jan 1 17:56:50 netwarrior slapd[2498]: daemon: read active on 15 Jan 1 17:56:50 netwarrior slapd[2498]: connection_get(15) Jan 1 17:56:50 netwarrior slapd[2498]: connection_get(15): got connid=10 Jan 1 17:56:50 netwarrior slapd[2498]: connection_read(15): checking for input on id=10 Jan 1 17:56:50 netwarrior slapd[2498]: do_bind Jan 1 17:56:50 netwarrior slapd[2498]: ber_get_next on fd 15 failed errno=11 (Resource temporarily unavailable) Jan 1 17:56:50 netwarrior slapd[2498]: >>> dnPrettyNormal: <cn=Manager,dc=netwarrior,dc=com,dc=uy> Jan 1 17:56:50 netwarrior slapd[2498]: <<< dnPrettyNormal: <cn=Manager,dc=netwarrior,dc=com,dc=uy>, <cn=manager,dc=netwarrior,dc=com,dc=uy> Jan 1 17:56:50 netwarrior slapd[2498]: do_bind: version=3 dn="cn=Manager,dc=netwarrior,dc=com,dc=uy" method=128 Jan 1 17:56:50 netwarrior slapd[2498]: conn=10 op=0 BIND dn="cn=Manager,dc=netwarrior,dc=com,dc=uy" method=128 Jan 1 17:56:50 netwarrior slapd[2498]: ==> bdb_bind: dn: cn=Manager,dc=netwarrior,dc=com,dc=uy Jan 1 17:56:50 netwarrior slapd[2498]: conn=10 op=0 BIND dn="cn=Manager,dc=netwarrior,dc=com,dc=uy" mech=SIMPLE ssf=0 Jan 1 17:56:50 netwarrior slapd[2498]: do_bind: v3 bind: "cn=Manager,dc=netwarrior,dc=com,dc=uy" to "cn=Manager,dc=netwarrior,dc=com,dc=uy" Jan 1 17:56:50 netwarrior slapd[2498]: send_ldap_result: conn=10 op=0 p=3 Jan 1 17:56:50 netwarrior slapd[2498]: send_ldap_result: err=0 matched="" text="" Jan 1 17:56:50 netwarrior slapd[2498]: send_ldap_response: msgid=1 tag=97 err=0 Jan 1 17:56:50 netwarrior slapd[2498]: conn=10 op=0 RESULT tag=97 err=0 text= Jan 1 17:56:50 netwarrior slapd[2498]: daemon: select: listen=7 active_threads=0 tvp=zero Jan 1 17:56:50 netwarrior slapd[2498]: daemon: select: listen=8 active_threads=0 tvp=zero Jan 1 17:56:50 netwarrior slapd[2498]: daemon: activity on 2 descriptors Jan 1 17:56:50 netwarrior slapd[2498]: daemon: activity on:
Jan 1 17:56:50 netwarrior slapd[2498]: 15r Jan 1 17:56:50 netwarrior slapd[2498]: Jan 1 17:56:50 netwarrior slapd[2498]: daemon: read active on 15 Jan 1 17:56:50 netwarrior slapd[2498]: connection_get(15) Jan 1 17:56:50 netwarrior slapd[2498]: connection_get(15): got connid=10 Jan 1 17:56:50 netwarrior slapd[2498]: connection_read(15): checking for input on id=10 Jan 1 17:56:50 netwarrior slapd[2498]: do_search Jan 1 17:56:50 netwarrior slapd[2498]: >>> dnPrettyNormal: <dc=netwarrior,dc=com,dc=uy> Jan 1 17:56:50 netwarrior slapd[2498]: <<< dnPrettyNormal: <dc=netwarrior,dc=com,dc=uy>, <dc=netwarrior,dc=com,dc=uy> Jan 1 17:56:50 netwarrior slapd[2498]: SRCH "dc=netwarrior,dc=com,dc=uy" 2 0 Jan 1 17:56:50 netwarrior slapd[2498]: 1 0 0 Jan 1 17:56:50 netwarrior slapd[2498]: begin get_filter Jan 1 17:56:50 netwarrior slapd[2498]: EQUALITY Jan 1 17:56:50 netwarrior slapd[2498]: end get_filter 0 Jan 1 17:56:50 netwarrior slapd[2498]: filter: (uid=pablo) Jan 1 17:56:50 netwarrior slapd[2498]: attrs: Jan 1 17:56:50 netwarrior slapd[2498]: Jan 1 17:56:50 netwarrior slapd[2498]: conn=10 op=1 SRCH base="dc=netwarrior,dc=com,dc=uy" scope=2 deref=0 filter="(uid=pablo)" Jan 1 17:56:50 netwarrior slapd[2498]: => bdb_search Jan 1 17:56:50 netwarrior slapd[2498]: bdb_dn2entry("dc=netwarrior,dc=com,dc=uy") Jan 1 17:56:50 netwarrior slapd[2498]: search_candidates: base="dc=netwarrior,dc=com,dc=uy" (0x00000001) scope=2 Jan 1 17:56:50 netwarrior slapd[2498]: => bdb_dn2idl("dc=netwarrior,dc=com,dc=uy") Jan 1 17:56:50 netwarrior slapd[2498]: => bdb_filter_candidates Jan 1 17:56:50 netwarrior slapd[2498]: AND Jan 1 17:56:50 netwarrior slapd[2498]: => bdb_list_candidates 0xa0 Jan 1 17:56:50 netwarrior slapd[2498]: => bdb_filter_candidates
Jan 1 17:56:50 netwarrior slapd[2498]: do_bind Jan 1 17:56:50 netwarrior slapd[2498]: conn=10 op=2 BIND anonymous mech=implicit ssf=0 Jan 1 17:56:50 netwarrior slapd[2498]: => get_ctrls Jan 1 17:56:50 netwarrior slapd[2498]: => get_ctrls: oid=" 1.3.6.1.4.1.42.2.27.8.5.1" (noncritical) Jan 1 17:56:50 netwarrior slapd[2498]: <= get_ctrls: n=1 rc=0 err="" Jan 1 17:56:50 netwarrior slapd[2498]: >>> dnPrettyNormal: <uid=pablo,ou=Users,dc=netwarrior,dc=com,dc=uy> Jan 1 17:56:50 netwarrior slapd[2498]: <<< dnPrettyNormal: <uid=pablo,ou=Users,dc=netwarrior,dc=com,dc=uy>, <uid=pablo,ou=users,dc=netwarrior,dc=com,dc=uy> Jan 1 17:56:50 netwarrior slapd[2498]: do_bind: version=3 dn="uid=pablo,ou=Users,dc=netwarrior,dc=com,dc=uy" method=128 Jan 1 17:56:50 netwarrior slapd[2498]: conn=10 op=2 BIND dn="uid=pablo,ou=Users,dc=netwarrior,dc=com,dc=uy" method=128 Jan 1 17:56:50 netwarrior slapd[2498]: slap_global_control: unavailable control: 1.3.6.1.4.1.42.2.27.8.5.1 Jan 1 17:56:50 netwarrior slapd[2498]: ==> bdb_bind: dn: uid=pablo,ou=Users,dc=netwarrior,dc=com,dc=uy Jan 1 17:56:50 netwarrior slapd[2498]: bdb_dn2entry("uid=pablo,ou=users,dc=netwarrior,dc=com,dc=uy") Jan 1 17:56:50 netwarrior slapd[2498]: daemon: select: listen=7 active_threads=0 tvp=zero Jan 1 17:56:50 netwarrior slapd[2498]: daemon: select: listen=8 active_threads=0 tvp=zero Jan 1 17:56:50 netwarrior slapd[2498]: daemon: activity on 1 descriptor Jan 1 17:56:50 netwarrior slapd[2498]: daemon: activity on: Jan 1 17:56:50 netwarrior slapd[2498]: Jan 1 17:56:50 netwarrior slapd[2498]: daemon: select: listen=7 active_threads=0 tvp=zero Jan 1 17:56:50 netwarrior slapd[2498]: daemon: select: listen=8 active_threads=0 tvp=zero Jan 1 17:56:50 netwarrior slapd[2498]: => access_allowed: auth access to "uid=pablo,ou=Users,dc=netwarrior,dc=com,dc=uy" "userPassword" requested Jan 1 17:56:50 netwarrior slapd[2498]: => acl_get: [1] attr userPassword Jan 1 17:56:50 netwarrior slapd[2498]: access_allowed: no res from state (userPassword) Jan 1 17:56:50 netwarrior slapd[2498]: => acl_mask: access to entry "uid=pablo,ou=Users,dc=netwarrior,dc=com,dc=uy", attr "userPassword" requested Jan 1 17:56:50 netwarrior slapd[2498]: => acl_mask: to value by "", (=0)
Jan 1 17:56:50 netwarrior slapd[2498]: <= acl_mask: [1] mask: =0 Jan 1 17:56:50 netwarrior slapd[2498]: => access_allowed: auth access denied by =0 Jan 1 17:56:50 netwarrior slapd[2498]: send_ldap_result: conn=10 op=2 p=3 Jan 1 17:56:50 netwarrior slapd[2498]: send_ldap_result: err=49 matched="" text="" Jan 1 17:56:50 netwarrior slapd[2498]: send_ldap_response: msgid=3 tag=97 err=49 Jan 1 17:56:50 netwarrior sshd[2554]: pam_ldap: error trying to bind as user "uid=pablo,ou=Users,dc=netwarrior,dc=com,dc=uy" (Invalid credentials) Jan 1 17:56:50 netwarrior slapd[2498]: conn=10 op=2 RESULT tag=97 err=49 text= Jan 1 17:56:50 netwarrior slapd[2498]: daemon: activity on 1 descriptor Jan 1 17:56:50 netwarrior slapd[2498]: daemon: activity on: Jan 1 17:56:50 netwarrior slapd[2498]: 15r Jan 1 17:56:50 netwarrior slapd[2498]: Jan 1 17:56:50 netwarrior slapd[2498]: daemon: read active on 15 Jan 1 17:56:50 netwarrior slapd[2498]: connection_get(15) Jan 1 17:56:50 netwarrior slapd[2498]: connection_get(15): got connid=10 Jan 1 17:56:50 netwarrior slapd[2498]: connection_read(15): checking for input on id=10 Jan 1 17:56:50 netwarrior slapd[2498]: do_bind Jan 1 17:56:50 netwarrior slapd[2498]: ber_get_next on fd 15 failed errno=11 (Resource temporarily unavailable) Jan 1 17:56:50 netwarrior slapd[2498]: >>> dnPrettyNormal: <cn=Manager,dc=netwarrior,dc=com,dc=uy> Jan 1 17:56:50 netwarrior slapd[2498]: <<< dnPrettyNormal: <cn=Manager,dc=netwarrior,dc=com,dc=uy>, <cn=manager,dc=netwarrior,dc=com,dc=uy> Jan 1 17:56:50 netwarrior slapd[2498]: do_bind: version=3 dn="cn=Manager,dc=netwarrior,dc=com,dc=uy" method=128 Jan 1 17:56:50 netwarrior slapd[2498]: conn=10 op=3 BIND dn="cn=Manager,dc=netwarrior,dc=com,dc=uy" method=128 Jan 1 17:56:50 netwarrior slapd[2498]: ==> bdb_bind: dn: cn=Manager,dc=netwarrior,dc=com,dc=uy Jan 1 17:56:50 netwarrior slapd[2498]: conn=10 op=3 BIND dn="cn=Manager,dc=netwarrior,dc=com,dc=uy" mech=SIMPLE ssf=0
Any idea how can I solve this? what am I doing wrong?, is there a way to limit a range of IP using regex?
Thanks in advance Best regards, and happy new year.
openldap-software@openldap.org
-
Net Warrior