Virtual list view problem
by Venish Khant
Hi all
I am using cpan Net::LDAP module to access LDAP entries. I want to
search LDAP entries using Net::LDAP search method. When I do search, I
want some limited number of entries from search result, for
this(searching) process I am using Net::LDAP::Control::VLV module. But
I get error on VLV response control. Please, any one have idea about
this error.
*
Error:* Died at vlv.pl line 50,
This is my example. I changed the font style of line 50
#!/usr/bin/perl -w
use Net::LDAP;
use Net::LDAP::Control::VLV;
use Net::LDAP::Constant qw( LDAP_CONTROL_VLVRESPONSE );
use Net::LDAP::Control::Sort;
sub procentry {
my ( $mesg, $entry) = @_;
# Return if there is no entry to process
if ( !defined($entry) ) {
return;
}
print "dn: " . $entry->dn() . "\n";
@attrs = $entry->attributes();
foreach $attr (@attrs) {
#printf("\t%s: %s\n", $attr, $entry->get_value($attr));
$attrvalue = $entry->get_value($attr,asref=>1);
#print $attr.":". $entry->get_value($attr)."\n";
foreach $value(@$attrvalue) {
print "$attr: $value\n";
}
}
$mesg->pop_entry;
print "\n";
}
$ldap = Net::LDAP->new( "localhost" );
# Get the first 20 entries
$vlv = Net::LDAP::Control::VLV->new(
before => 0, # No entries from before target entry
after => 19, # 19 entries after target entry
content => 0, # List size unknown
offset => 1, # Target entry is the first
);
my $sort = Net::LDAP::Control::Sort->new( order => 'cn' );
@args = ( base => "dc=example,dc=co,dc=in",
scope => "subtree",
filter => "(objectClass=inetOrgPerson)",
callback => \&procentry, # Call this sub for each entry
control => [ $sort, $vlv ],
);
$mesg = $ldap->search( @args );
# Get VLV response control
*($resp) = $mesg->control( LDAP_CONTROL_VLVRESPONSE ) or die;*
$vlv->response( $resp );
# Set the control to get the last 20 entries
$vlv->end;
$mesg = $ldap->search( @args );
# Get VLV response control
($resp) = $mesg->control( LDAP_CONTROL_VLVRESPONSE ) or die;
$vlv->response( $resp );
# Now get the previous page
$vlv->scroll_page( -1 );
$mesg = $ldap->search( @args );
# Get VLV response control
($resp) = $mes
# Now page with first entry starting with "B" in the middle
$vlv->before(9); # Change page to show 9 before
$vlv->after(10); # Change page to show 10 after
$vlv->assert("B"); # assert "B"
$mesg = $ldap->search( @args );g->control( LDAP_CONTROL_VLVRESPONSE ) or
die;
$vlv->response( $resp );
--
Venish Khant
www.deeproot.co.in
7 years, 6 months
SASL passthrough - multiple domains
by Liam Gretton
I have a working configuration with pass-through auth to an AD domain
using saslauthd.
However now there is a requirement to be able to handle another domain
too, and I cannot work out how to do this. It seems that saslauthd
cannot deal with multiple Kerberos realms, no matter what hoops one
jumps through it eventually boils down to only using whatever
'default_realm' is set to in the krb5.conf file.
Using multiple saslauthd daemons isn't possible either as there's no way
(that I can work out) of getting OpenLDAP to use anything other than the
single socket specified in /etc/sasl2/slapd.conf.
My final idea was to run an LDAP instance per realm, each talking to the
separate saslauthd daemons, and have another outward facing LDAP service
with these as the backends but that's a non starter too because there's
no way of specifying the sasl slapd.conf file, it seems sasl always
looks in /etc/sasl2 for a file derived from the process name (a chroot
environment for each LDAP server is therefore the next thing to look at).
But this seems like a lot of work just to be able to authenticate users
against multiple domains. I appreciate this is a SASL issue rather than
a problem with OpenLDAP, but I'm hoping that someone here has cracked
this already. Googling hasn't thrown up an solution that I can find.
--
Liam Gretton liam.gretton(a)le.ac.uk
HPC Architect http://www.le.ac.uk/its
IT Services Tel: +44 (0)116 2522254
University of Leicester, University Road
Leicestershire LE1 7RH, United Kingdom
11 years, 5 months
Pass-though Authentication with Saslauthd and Kerberos
by Jeff B
I'm attempting to get pass-though auth to work against saslauthd and
kerberos and while the problem seems to be in sasl I think it's most
likely to be seen in this type of configuration with opendap which I
why I chose this mailing list.
When I run testsaslauthd it works but when I run ldapsearch it fails.
But the curious thing is where it is failing. in doing straces of
saslauthd and packet traces I've found that when ldapsearch calls
salsauthd, and not when I run saslauthd kerberos does not deliver the
AS-REP packets till just after saslauthd times out.
I can't find any difference in how I'm invoking saslauthd with
testdaslauthd and how ldapsearch is invoking saslauthd. However the
packet traces are quite different as you will see below.
I've seen these kind of errors here and there on google but no
resolutions that I can find.
(http://www.openldap.org/lists/openldap-software/200602/msg00278.html)
Centos 6
openldap-2.4.23-15.el6_1.3.x86_64
openldap-clients-2.4.23-15.el6_1.3.x86_64
openldap-servers-2.4.23-15.el6_1.3.x86_64
openldap-devel-2.4.23-15.el6_1.3.x86_64
krb5-server-1.9-9.el6_1.2.x86_64
krb5-server-ldap-1.9-9.el6_1.2.x86_64
krb5-workstation-1.9-9.el6_1.2.x86_64
krb5-libs-1.9-9.el6_1.2.x86_64
cyrus-sasl-2.1.23-8.el6.x86_64
cyrus-sasl-lib-2.1.23-8.el6.x86_64
cyrus-sasl-gssapi-2.1.23-8.el6.x86_64
cyrus-sasl-plain-2.1.23-8.el6.x86_64
cyrus-sasl-devel-2.1.23-8.el6.x86_64
My slapd.conf contains nothing regarding kerberos / sasl /
pass-through authentication. I'm using a slapd.conf file for the time
being till i get it all worked out and plan on converting it to a
cn=config configuration.
In my DIT the userPassword field contains: {SASL}myuser@MYREALM where
myuser and my realm are replaced with the proper values.
/etc/sasl2/slapd.conf:
mech_list: plain
pwcheck_method: saslauthd
saslauthd_path: /var/run/saslauthd/mux
/etc/sysconfig/saslauthd
KRB5_KTNAME=/etc/krb5.keytab
SOCKETDIR=/var/run/saslauthd
MECH=kerberos5
Which builds a daemon command line of:
/usr/sbin/saslauthd -m /var/run/saslauthd -a kerberos5
My system keytab is:
/etc/krb5.keytab (root.ldap 0640)
host/my.hostname@realm
ldap/my.hostname@realm
My socket parent dir is:
/var/run/saslauthd (root.ldap 0770)
When I run testsaslauthd I get a packet trace between saslauthd and
kerberos is all UDP and works:
> AS-REQ
< KRB5KDC_ERR_PREAUTH_REQUIRED (25)
> AS-REQ
< AS-REP
> TGS-REQ
< TGS-REP
When I run ldapsearch the packet trace between saslauthd and kerberos
is UDP and TCP communication. None of the kerberos replies come back
for 18 seconds, the time it takes saslauthd to time out.
> AS-REQ
< KRB5KDC_ERR_PREAUTH_REQUIRED (25)
> AS-REQ
> TCP SYN
< TCP SYN, ACK
> TCP ACK
> TCP AS-REQ
< TCP ACK
> AS-REQ
> AS-REQ
> TCP FIN, ACK <-- saslauthd times out and the AS-REPS all come back at once.
< AS-REP
< AS-REP
< AS-REP
< TCP AS-REP
> TCP RST
an strace of saslauthd supports this timeout theory as it shows the
the timeouts and backoffs.
I can't find any info regarding saslauthd and TCP or UDP or timeouts
like this. Any ideas?
11 years, 6 months
ACL syntax with wildcards
by Nick Milas
Hi,
We would like to use ACL statements of the form (used for illustration
purposes):
access to dn.subtree="ou=people,dc=example,dc=com"
filter="(ou=xxxxx)" attrs="someAttrs"
by group.exact="cn=xxxxxAdmins,ou=Groups,dc=example,dc=com" write
by group.exact="cn=allAdmins,ou=Groups,dc=example,dc=com" read
by self read
where xxxxx is some string.
In essence, we assign people entries to various administrative groups,
depending on the value of the ou attribute of the entry.
Of course we can write many statements, one per ou value / admin group,
but it would be much more concise to use just one statement using wildcards.
Could someone please suggest if and how the above can be written
correctly, using e.g. regex?
I appreciate any suggestions.
Thanks,
Nick
11 years, 6 months
DEL don't get synced
by Marc Patermann
Hi,
under some circumstances DEL don't get replicated to the consumers
(SyncRepl). I think this has to do with other changes at the some moment.
I attached two logs excepts in sync.log.
In the first except there is only a DEL
Jan 31 09:16:01 ldapserver slapd[10641]: conn=79138 op=2 DEL
dn="employeeNumber=19676,ou=humans,ou=foo"
For this there is a
Jan 31 09:16:01 ldapserver slapd[10641]: syncprov_sendresp:
cookie=rid=401,csn=20120131081601.377028Z#000000#000#000000
line for every connected consumer.
In the second step there is a MOD and a DEL
Jan 31 10:31:01 ldapserver slapd[10641]: conn=79938 op=2 MOD
dn="ou=FA-WF,ou=gruppen,ou=humans,ou=foo"
Jan 31 10:31:01 ldapserver slapd[10641]: conn=79938 op=3 DEL
dn="employeeNumber=24387,ou=humans,ou=foo"
As far as I can see, there is only sync activity for the MOD action, and
not for the DEL action. The DEL is not synced.
Marc
11 years, 7 months
db in shadow context without replication
by Julien Soula
hello,
I have a problem with a cancelation of replication of cn=config. I
configured replication of cn=config in slapd.d (without slapd.conf)
and I wanted to stop it.
First one, I didn't see how to cancel replication in cn=config
otherwise that deleting olcSyncRepl attribute directly in slapd.d
files since database was in shadow context. Is there a proper way ?
So I stopped slapd and deleted olcSyncRepl attribute and restarted
it. But when I commited change, it failed with error : "shadow context
without update referral" (there is no more olcSyncRepl in config) !
I tried to enable olcMirrorMode (directly in files again) but slapd
crashed at start saying that the database was not in shadow context !
I cannot explain this behaviour. How the server determine that a
database is in shadow context or not ? Is there a cache somewhere ?
Sincerly,
--
Julien
<< Vous n'avez rien a dire... Parlons-en! >>
11 years, 8 months
GSSAPI (SASL) + LDAP
by Daniel Savard
Hi everyone,
I am trying to implement Kerberos authentication and I believe I am
almost there, however when I run the ldapwhoami command I am getting a
segmentation fault rather than a success message. Here is the output of
the ldapwhoami (yes, I have a Kerberos ticket):
SASL/GSSAPI authentication started
SASL username: dsavard(a)CIDS.CA
SASL SSF: 56
SASL data security layer installed.
dn:cn=daniel savard,dc=cids,dc=ca
Segmentation fault
The cn is properly mapped. When switching debug on I am getting the
following messages and the only thing I find as a potential indication
of my problem is this message (res_errno: 14, res_error: <SASL(0):
successful result: security flags do not match required>, res_matched:
<>) however I am not able to decipher what it means exactly:
ldap_create
ldap_pvt_sasl_getmech
ldap_search
put_filter: "(objectclass=*)"
put_filter: simple
put_simple_filter: "objectclass=*"
ldap_build_search_req ATTRS: supportedSASLMechanisms
ldap_send_initial_request
ldap_new_connection 1 1 0
ldap_int_open_connection
ldap_connect_to_path
ldap_new_socket: 4
ldap_connect_to_path: Trying /var/run/openldap/slapd.sock
ldap_connect_timeout: fd: 4 tm: -1 async: 0
ldap_ndelay_on: 4
ldap_ndelay_off: 4
ldap_open_defconn: successful
ldap_send_server_request
ber_scanf fmt ({it) ber:
ber_dump: buf=0x8058928 ptr=0x8058928 end=0x8058968 len=64
0000: 30 3e 02 01 01 63 39 04 00 0a 01 00 0a 01 00 02
0>...c9.........
0010: 01 00 02 01 02 01 01 00 87 0b 6f 62 6a 65 63
74 ..........object
0020: 63 6c 61 73 73 30 19 04 17 73 75 70 70 6f 72 74
class0...support
0030: 65 64 53 41 53 4c 4d 65 63 68 61 6e 69 73 6d 73
edSASLMechanisms
ber_scanf fmt ({) ber:
ber_dump: buf=0x8058928 ptr=0x805892d end=0x8058968 len=59
0000: 63 39 04 00 0a 01 00 0a 01 00 02 01 00 02 01 02
c9..............
0010: 01 01 00 87 0b 6f 62 6a 65 63 74 63 6c 61 73
73 .....objectclass
0020: 30 19 04 17 73 75 70 70 6f 72 74 65 64 53 41 53
0...supportedSAS
0030: 4c 4d 65 63 68 61 6e 69 73 6d 73
LMechanisms
ber_flush2: 64 bytes to sd 4
0000: 30 3e 02 01 01 63 39 04 00 0a 01 00 0a 01 00 02
0>...c9.........
0010: 01 00 02 01 02 01 01 00 87 0b 6f 62 6a 65 63
74 ..........object
0020: 63 6c 61 73 73 30 19 04 17 73 75 70 70 6f 72 74
class0...support
0030: 65 64 53 41 53 4c 4d 65 63 68 61 6e 69 73 6d 73
edSASLMechanisms
ldap_write: want=64, written=64
0000: 30 3e 02 01 01 63 39 04 00 0a 01 00 0a 01 00 02
0>...c9.........
0010: 01 00 02 01 02 01 01 00 87 0b 6f 62 6a 65 63
74 ..........object
0020: 63 6c 61 73 73 30 19 04 17 73 75 70 70 6f 72 74
class0...support
0030: 65 64 53 41 53 4c 4d 65 63 68 61 6e 69 73 6d 73
edSASLMechanisms
ldap_result ld 0x8058520 msgid 1
wait4msg ld 0x8058520 msgid 1 (infinite timeout)
wait4msg continue ld 0x8058520 msgid 1 all 1
** ld 0x8058520 Connections:
* host: (null) port: 0 (default)
refcnt: 2 status: Connected
last used: Thu Feb 9 15:30:01 2012
** ld 0x8058520 Outstanding Requests:
* msgid 1, origid 1, status InProgress
outstanding referrals 0, parent count 0
ld 0x8058520 request count 1 (abandoned 0)
** ld 0x8058520 Response Queue:
Empty
ld 0x8058520 response count 0
ldap_chkResponseList ld 0x8058520 msgid 1 all 1
ldap_chkResponseList returns ld 0x8058520 NULL
ldap_int_select
read1msg: ld 0x8058520 msgid 1 all 1
ber_get_next
ldap_read: want=8, got=8
0000: 30 62 02 01 01 64 5d 04
0b...d].
ldap_read: want=92, got=92
0000: 00 30 59 30 57 04 17 73 75 70 70 6f 72 74 65
64 .0Y0W..supported
0010: 53 41 53 4c 4d 65 63 68 61 6e 69 73 6d 73 31 3c
SASLMechanisms1<
0020: 04 05 50 4c 41 49 4e 04 04 4e 54 4c 4d 04 05
4c ..PLAIN..NTLM..L
0030: 4f 47 49 4e 04 06 47 53 53 41 50 49 04 0a 44 49
OGIN..GSSAPI..DI
0040: 47 45 53 54 2d 4d 44 35 04 08 43 52 41 4d 2d 4d
GEST-MD5..CRAM-M
0050: 44 35 04 08 45 58 54 45 52 4e 41 4c
D5..EXTERNAL
ber_get_next: tag 0x30 len 98 contents:
ber_dump: buf=0x8059a58 ptr=0x8059a58 end=0x8059aba len=98
0000: 02 01 01 64 5d 04 00 30 59 30 57 04 17 73 75
70 ...d]..0Y0W..sup
0010: 70 6f 72 74 65 64 53 41 53 4c 4d 65 63 68 61 6e
portedSASLMechan
0020: 69 73 6d 73 31 3c 04 05 50 4c 41 49 4e 04 04 4e
isms1<..PLAIN..N
0030: 54 4c 4d 04 05 4c 4f 47 49 4e 04 06 47 53 53 41
TLM..LOGIN..GSSA
0040: 50 49 04 0a 44 49 47 45 53 54 2d 4d 44 35 04 08
PI..DIGEST-MD5..
0050: 43 52 41 4d 2d 4d 44 35 04 08 45 58 54 45 52 4e
CRAM-MD5..EXTERN
0060: 41 4c
AL
read1msg: ld 0x8058520 msgid 1 message type search-entry
wait4msg continue ld 0x8058520 msgid 1 all 1
** ld 0x8058520 Connections:
* host: (null) port: 0 (default)
refcnt: 2 status: Connected
last used: Thu Feb 9 15:30:01 2012
** ld 0x8058520 Outstanding Requests:
* msgid 1, origid 1, status InProgress
outstanding referrals 0, parent count 0
ld 0x8058520 request count 1 (abandoned 0)
** ld 0x8058520 Response Queue:
* msgid 1, type 100
ld 0x8058520 response count 1
ldap_chkResponseList ld 0x8058520 msgid 1 all 1
ldap_chkResponseList returns ld 0x8058520 NULL
ldap_int_select
read1msg: ld 0x8058520 msgid 1 all 1
ber_get_next
ldap_read: want=8, got=8
0000: 30 0c 02 01 01 65 07 0a
0....e..
ldap_read: want=6, got=6
0000: 01 00 04 00 04
00 ......
ber_get_next: tag 0x30 len 12 contents:
ber_dump: buf=0x8059b10 ptr=0x8059b10 end=0x8059b1c len=12
0000: 02 01 01 65 07 0a 01 00 04 00 04
00 ...e........
read1msg: ld 0x8058520 msgid 1 message type search-result
ber_scanf fmt ({eAA) ber:
ber_dump: buf=0x8059b10 ptr=0x8059b13 end=0x8059b1c len=9
0000: 65 07 0a 01 00 04 00 04 00
e........
read1msg: ld 0x8058520 0 new referrals
read1msg: mark request completed, ld 0x8058520 msgid 1
request done: ld 0x8058520 msgid 1
res_errno: 0, res_error: <>, res_matched: <>
ldap_free_request (origid 1, msgid 1)
adding response ld 0x8058520 msgid 1 type 101:
ldap_parse_result
ber_scanf fmt ({iAA) ber:
ber_dump: buf=0x8059b10 ptr=0x8059b13 end=0x8059b1c len=9
0000: 65 07 0a 01 00 04 00 04 00
e........
ber_scanf fmt (}) ber:
ber_dump: buf=0x8059b10 ptr=0x8059b1c end=0x8059b1c len=0
ldap_get_values
ber_scanf fmt ({x{{a) ber:
ber_dump: buf=0x8059a58 ptr=0x8059a5b end=0x8059aba len=95
0000: 64 5d 04 00 30 59 30 57 04 17 73 75 70 70 6f 72
d]..0Y0W..suppor
0010: 74 65 64 53 41 53 4c 4d 65 63 68 61 6e 69 73 6d
tedSASLMechanism
0020: 73 31 3c 04 05 50 4c 41 49 4e 04 04 4e 54 4c 4d
s1<..PLAIN..NTLM
0030: 04 05 4c 4f 47 49 4e 04 06 47 53 53 41 50 49
04 ..LOGIN..GSSAPI.
0040: 0a 44 49 47 45 53 54 2d 4d 44 35 04 08 43 52
41 .DIGEST-MD5..CRA
0050: 4d 2d 4d 44 35 04 08 45 58 54 45 52 4e 41 4c
M-MD5..EXTERNAL
ber_scanf fmt ([v]) ber:
ber_dump: buf=0x8059a58 ptr=0x8059a7c end=0x8059aba len=62
0000: 31 3c 04 05 50 4c 41 49 4e 04 04 4e 54 4c 4d 04
1<..PLAIN..NTLM.
0010: 05 4c 4f 47 49 4e 04 06 47 53 53 41 50 49 04
0a .LOGIN..GSSAPI..
0020: 44 49 47 45 53 54 2d 4d 44 35 04 08 43 52 41 4d
DIGEST-MD5..CRAM
0030: 2d 4d 44 35 04 08 45 58 54 45 52 4e 41 4c
-MD5..EXTERNAL
ldap_msgfree
ldap_sasl_interactive_bind: server supports: PLAIN NTLM LOGIN GSSAPI
DIGEST-MD5 CRAM-MD5 EXTERNAL
ldap_int_sasl_bind: PLAIN NTLM LOGIN GSSAPI DIGEST-MD5 CRAM-MD5 EXTERNAL
ldap_int_sasl_open: host=charpak.cids.ca
SASL/GSSAPI authentication started
ldap_sasl_bind
ldap_send_initial_request
ldap_send_server_request
ber_scanf fmt ({it) ber:
ber_dump: buf=0x80671b0 ptr=0x80671b0 end=0x8067429 len=633
0000: 30 82 02 75 02 01 02 60 82 02 6e 02 01 03 04 00
0..u...`..n.....
0010: a3 82 02 65 04 06 47 53 53 41 50 49 04 82 02
59 ...e..GSSAPI...Y
0020: 60 82 02 55 06 09 2a 86 48 86 f7 12 01 02 02 01
`..U..*.H.......
0030: 00 6e 82 02 44 30 82 02 40 a0 03 02 01 05 a1
03 .n..D0..@.......
0040: 02 01 0e a2 07 03 05 00 20 00 00 00 a3 82 01
5a ........ ......Z
0050: 61 82 01 56 30 82 01 52 a0 03 02 01 05 a1 09 1b
a..V0..R........
0060: 07 43 49 44 53 2e 43 41 a2 22 30 20 a0 03 02
01 .CIDS.CA."0 ....
0070: 03 a1 19 30 17 1b 04 6c 64 61 70 1b 0f 63 68
61 ...0...ldap..cha
0080: 72 70 61 6b 2e 63 69 64 73 2e 63 61 a3 82 01 1a
rpak.cids.ca....
0090: 30 82 01 16 a0 03 02 01 12 a1 03 02 01 07 a2 82
0...............
00a0: 01 08 04 82 01 04 46 c7 d2 fb b5 63 13 9d ce
54 ......F....c...T
00b0: a8 bc 61 02 7c 9b a4 4a b5 e4 97 5d 04 6d 68
26 ..a.|..J...].mh&
00c0: e3 1a 4c 34 2d d5 ac 13 1d ee a4 24 53 2b 27
d8 ..L4-......$S+'.
00d0: 5e 3a 72 f3 7d 38 09 8b 0b b0 10 3a 84 66 fa 49
^:r.}8.....:.f.I
00e0: 04 76 92 14 0b e4 91 0a 5f 08 d0 d7 36 5b cf
c2 .v......_...6[..
00f0: 0e a6 05 b9 77 28 73 43 62 85 0e 6e 86 c0 d1
3e ....w(sCb..n...>
0100: a5 2e 7b ba c8 1e 1d e2 ce c0 53 04 aa f3 5c
ac ..{.......S...\.
0110: 2b 98 d5 b2 0c b9 95 be 21 c7 df cf 6b ce 9f af
+.......!...k...
0120: 29 c4 b5 ea 89 04 16 ec 6a 3b 93 79 34 99 9e c1
).......j;.y4...
0130: c1 92 66 f3 d1 3f c2 87 84 a2 b4 1b 69 ea 11
eb ..f..?......i...
0140: 93 bc d3 9b 55 eb 4f 8b 3b c2 dc 18 10 9d 89
76 ....U.O.;......v
0150: 0b 1d 5a 9f 8c 82 47 d8 de 24 5c e1 18 e1 e1
a3 ..Z...G..$\.....
0160: e1 e2 db 94 fa 20 c4 63 c6 68 03 d3 79 d8 37
b1 ..... .c.h..y.7.
0170: 67 a5 21 18 4e 38 37 2d 57 7d e5 83 97 a4 df 9f
g.!.N87-W}......
0180: d0 72 18 76 b9 1b 7d 6b fd 2b db 0d ce 7a 1c
f5 .r.v..}k.+...z..
0190: cf 47 35 fd ef e0 86 15 a7 79 d0 91 f0 31 0c
02 .G5......y...1..
01a0: f5 f9 96 07 15 b5 d1 bf cf 6e a4 81 cc 30 81
c9 .........n...0..
01b0: a0 03 02 01 12 a2 81 c1 04 81 be f4 d4 c2 6c
9f ..............l.
01c0: 6b 72 ad 63 cf ed a5 9b 09 e2 b9 d1 8a 75 4f 95
kr.c.........uO.
01d0: 0d 02 7c 8f 30 c6 39 3f 77 8d 05 09 18 bc 6c
6f ..|.0.9?w.....lo
01e0: 28 cb a2 8d 25 6f cd c0 d0 5f 1e 30 81 02 88 1a (...%
o..._.0....
01f0: 8d 90 2d 0a a8 e4 89 d6 a4 52 00 58 7b 85 d1
6a ..-......R.X{..j
0200: 7b c6 d5 6e 3b d1 c6 5e db 86 3a 21 bb ea ff 33
{..n;..^..:!...3
0210: b1 e6 0c c6 8f cc 71 46 a4 29 7c 29 4b dd 7f 7b ......qF.)|
)K..{
0220: 40 03 4d 79 e4 54 b5 21 08 e9 a5 96 9f 3c 96 3c
@.My.T.!.....<.<
0230: 0b 89 ed 52 d6 1a 74 44 f6 95 cc 77 db 03 38
86 ...R..tD...w..8.
0240: 65 b3 db 87 75 3d 1b 1d f0 ad f2 f1 b3 e8 29 17
e...u=........).
0250: a5 2d 43 d1 d3 35 9d fe 87 72 90 44 bd d0 b1
58 .-C..5...r.D...X
0260: e8 64 dd 93 5c b8 f8 5c 70 9f 7f 1d a0 9b 6e
be .d..\..\p.....n.
0270: 29 24 a7 3e 9a 34 f4 c3 6a
)$.>.4..j
ber_scanf fmt ({i) ber:
ber_dump: buf=0x80671b0 ptr=0x80671b7 end=0x8067429 len=626
0000: 60 82 02 6e 02 01 03 04 00 a3 82 02 65 04 06 47
`..n........e..G
0010: 53 53 41 50 49 04 82 02 59 60 82 02 55 06 09 2a
SSAPI...Y`..U..*
0020: 86 48 86 f7 12 01 02 02 01 00 6e 82 02 44 30
82 .H........n..D0.
0030: 02 40 a0 03 02 01 05 a1 03 02 01 0e a2 07 03
05 .@..............
0040: 00 20 00 00 00 a3 82 01 5a 61 82 01 56 30 82
01 . ......Za..V0..
0050: 52 a0 03 02 01 05 a1 09 1b 07 43 49 44 53 2e 43
R.........CIDS.C
0060: 41 a2 22 30 20 a0 03 02 01 03 a1 19 30 17 1b 04
A."0 .......0...
0070: 6c 64 61 70 1b 0f 63 68 61 72 70 61 6b 2e 63 69
ldap..charpak.ci
0080: 64 73 2e 63 61 a3 82 01 1a 30 82 01 16 a0 03 02
ds.ca....0......
0090: 01 12 a1 03 02 01 07 a2 82 01 08 04 82 01 04
46 ...............F
00a0: c7 d2 fb b5 63 13 9d ce 54 a8 bc 61 02 7c 9b
a4 ....c...T..a.|..
00b0: 4a b5 e4 97 5d 04 6d 68 26 e3 1a 4c 34 2d d5 ac
J...].mh&..L4-..
00c0: 13 1d ee a4 24 53 2b 27 d8 5e 3a 72 f3 7d 38 09 ....$S
+'.^:r.}8.
00d0: 8b 0b b0 10 3a 84 66 fa 49 04 76 92 14 0b e4
91 ....:.f.I.v.....
00e0: 0a 5f 08 d0 d7 36 5b cf c2 0e a6 05 b9 77 28
73 ._...6[......w(s
00f0: 43 62 85 0e 6e 86 c0 d1 3e a5 2e 7b ba c8 1e 1d
Cb..n...>..{....
0100: e2 ce c0 53 04 aa f3 5c ac 2b 98 d5 b2 0c b9
95 ...S...\.+......
0110: be 21 c7 df cf 6b ce 9f af 29 c4 b5 ea 89 04
16 .!...k...)......
0120: ec 6a 3b 93 79 34 99 9e c1 c1 92 66 f3 d1 3f
c2 .j;.y4.....f..?.
0130: 87 84 a2 b4 1b 69 ea 11 eb 93 bc d3 9b 55 eb
4f .....i.......U.O
0140: 8b 3b c2 dc 18 10 9d 89 76 0b 1d 5a 9f 8c 82
47 .;......v..Z...G
0150: d8 de 24 5c e1 18 e1 e1 a3 e1 e2 db 94 fa 20
c4 ..$\.......... .
0160: 63 c6 68 03 d3 79 d8 37 b1 67 a5 21 18 4e 38 37
c.h..y.7.g.!.N87
0170: 2d 57 7d e5 83 97 a4 df 9f d0 72 18 76 b9 1b 7d
-W}.......r.v..}
0180: 6b fd 2b db 0d ce 7a 1c f5 cf 47 35 fd ef e0 86
k.+...z...G5....
0190: 15 a7 79 d0 91 f0 31 0c 02 f5 f9 96 07 15 b5
d1 ..y...1.........
01a0: bf cf 6e a4 81 cc 30 81 c9 a0 03 02 01 12 a2
81 ..n...0.........
01b0: c1 04 81 be f4 d4 c2 6c 9f 6b 72 ad 63 cf ed
a5 .......l.kr.c...
01c0: 9b 09 e2 b9 d1 8a 75 4f 95 0d 02 7c 8f 30 c6
39 ......uO...|.0.9
01d0: 3f 77 8d 05 09 18 bc 6c 6f 28 cb a2 8d 25 6f
cd ?w.....lo(...%o.
01e0: c0 d0 5f 1e 30 81 02 88 1a 8d 90 2d 0a a8 e4
89 .._.0......-....
01f0: d6 a4 52 00 58 7b 85 d1 6a 7b c6 d5 6e 3b d1
c6 ..R.X{..j{..n;..
0200: 5e db 86 3a 21 bb ea ff 33 b1 e6 0c c6 8f cc 71
^..:!...3......q
0210: 46 a4 29 7c 29 4b dd 7f 7b 40 03 4d 79 e4 54 b5 F.)|
)K..{@.My.T.
0220: 21 08 e9 a5 96 9f 3c 96 3c 0b 89 ed 52 d6 1a
74 !.....<.<...R..t
0230: 44 f6 95 cc 77 db 03 38 86 65 b3 db 87 75 3d 1b
D...w..8.e...u=.
0240: 1d f0 ad f2 f1 b3 e8 29 17 a5 2d 43 d1 d3 35
9d .......)..-C..5.
0250: fe 87 72 90 44 bd d0 b1 58 e8 64 dd 93 5c b8
f8 ..r.D...X.d..\..
0260: 5c 70 9f 7f 1d a0 9b 6e be 29 24 a7 3e 9a 34 f4
\p.....n.)$.>.4.
0270: c3
6a .j
ber_flush2: 633 bytes to sd 4
0000: 30 82 02 75 02 01 02 60 82 02 6e 02 01 03 04 00
0..u...`..n.....
0010: a3 82 02 65 04 06 47 53 53 41 50 49 04 82 02
59 ...e..GSSAPI...Y
0020: 60 82 02 55 06 09 2a 86 48 86 f7 12 01 02 02 01
`..U..*.H.......
0030: 00 6e 82 02 44 30 82 02 40 a0 03 02 01 05 a1
03 .n..D0..@.......
0040: 02 01 0e a2 07 03 05 00 20 00 00 00 a3 82 01
5a ........ ......Z
0050: 61 82 01 56 30 82 01 52 a0 03 02 01 05 a1 09 1b
a..V0..R........
0060: 07 43 49 44 53 2e 43 41 a2 22 30 20 a0 03 02
01 .CIDS.CA."0 ....
0070: 03 a1 19 30 17 1b 04 6c 64 61 70 1b 0f 63 68
61 ...0...ldap..cha
0080: 72 70 61 6b 2e 63 69 64 73 2e 63 61 a3 82 01 1a
rpak.cids.ca....
0090: 30 82 01 16 a0 03 02 01 12 a1 03 02 01 07 a2 82
0...............
00a0: 01 08 04 82 01 04 46 c7 d2 fb b5 63 13 9d ce
54 ......F....c...T
00b0: a8 bc 61 02 7c 9b a4 4a b5 e4 97 5d 04 6d 68
26 ..a.|..J...].mh&
00c0: e3 1a 4c 34 2d d5 ac 13 1d ee a4 24 53 2b 27
d8 ..L4-......$S+'.
00d0: 5e 3a 72 f3 7d 38 09 8b 0b b0 10 3a 84 66 fa 49
^:r.}8.....:.f.I
00e0: 04 76 92 14 0b e4 91 0a 5f 08 d0 d7 36 5b cf
c2 .v......_...6[..
00f0: 0e a6 05 b9 77 28 73 43 62 85 0e 6e 86 c0 d1
3e ....w(sCb..n...>
0100: a5 2e 7b ba c8 1e 1d e2 ce c0 53 04 aa f3 5c
ac ..{.......S...\.
0110: 2b 98 d5 b2 0c b9 95 be 21 c7 df cf 6b ce 9f af
+.......!...k...
0120: 29 c4 b5 ea 89 04 16 ec 6a 3b 93 79 34 99 9e c1
).......j;.y4...
0130: c1 92 66 f3 d1 3f c2 87 84 a2 b4 1b 69 ea 11
eb ..f..?......i...
0140: 93 bc d3 9b 55 eb 4f 8b 3b c2 dc 18 10 9d 89
76 ....U.O.;......v
0150: 0b 1d 5a 9f 8c 82 47 d8 de 24 5c e1 18 e1 e1
a3 ..Z...G..$\.....
0160: e1 e2 db 94 fa 20 c4 63 c6 68 03 d3 79 d8 37
b1 ..... .c.h..y.7.
0170: 67 a5 21 18 4e 38 37 2d 57 7d e5 83 97 a4 df 9f
g.!.N87-W}......
0180: d0 72 18 76 b9 1b 7d 6b fd 2b db 0d ce 7a 1c
f5 .r.v..}k.+...z..
0190: cf 47 35 fd ef e0 86 15 a7 79 d0 91 f0 31 0c
02 .G5......y...1..
01a0: f5 f9 96 07 15 b5 d1 bf cf 6e a4 81 cc 30 81
c9 .........n...0..
01b0: a0 03 02 01 12 a2 81 c1 04 81 be f4 d4 c2 6c
9f ..............l.
01c0: 6b 72 ad 63 cf ed a5 9b 09 e2 b9 d1 8a 75 4f 95
kr.c.........uO.
01d0: 0d 02 7c 8f 30 c6 39 3f 77 8d 05 09 18 bc 6c
6f ..|.0.9?w.....lo
01e0: 28 cb a2 8d 25 6f cd c0 d0 5f 1e 30 81 02 88 1a (...%
o..._.0....
01f0: 8d 90 2d 0a a8 e4 89 d6 a4 52 00 58 7b 85 d1
6a ..-......R.X{..j
0200: 7b c6 d5 6e 3b d1 c6 5e db 86 3a 21 bb ea ff 33
{..n;..^..:!...3
0210: b1 e6 0c c6 8f cc 71 46 a4 29 7c 29 4b dd 7f 7b ......qF.)|
)K..{
0220: 40 03 4d 79 e4 54 b5 21 08 e9 a5 96 9f 3c 96 3c
@.My.T.!.....<.<
0230: 0b 89 ed 52 d6 1a 74 44 f6 95 cc 77 db 03 38
86 ...R..tD...w..8.
0240: 65 b3 db 87 75 3d 1b 1d f0 ad f2 f1 b3 e8 29 17
e...u=........).
0250: a5 2d 43 d1 d3 35 9d fe 87 72 90 44 bd d0 b1
58 .-C..5...r.D...X
0260: e8 64 dd 93 5c b8 f8 5c 70 9f 7f 1d a0 9b 6e
be .d..\..\p.....n.
0270: 29 24 a7 3e 9a 34 f4 c3 6a
)$.>.4..j
ldap_write: want=633, written=633
0000: 30 82 02 75 02 01 02 60 82 02 6e 02 01 03 04 00
0..u...`..n.....
0010: a3 82 02 65 04 06 47 53 53 41 50 49 04 82 02
59 ...e..GSSAPI...Y
0020: 60 82 02 55 06 09 2a 86 48 86 f7 12 01 02 02 01
`..U..*.H.......
0030: 00 6e 82 02 44 30 82 02 40 a0 03 02 01 05 a1
03 .n..D0..@.......
0040: 02 01 0e a2 07 03 05 00 20 00 00 00 a3 82 01
5a ........ ......Z
0050: 61 82 01 56 30 82 01 52 a0 03 02 01 05 a1 09 1b
a..V0..R........
0060: 07 43 49 44 53 2e 43 41 a2 22 30 20 a0 03 02
01 .CIDS.CA."0 ....
0070: 03 a1 19 30 17 1b 04 6c 64 61 70 1b 0f 63 68
61 ...0...ldap..cha
0080: 72 70 61 6b 2e 63 69 64 73 2e 63 61 a3 82 01 1a
rpak.cids.ca....
0090: 30 82 01 16 a0 03 02 01 12 a1 03 02 01 07 a2 82
0...............
00a0: 01 08 04 82 01 04 46 c7 d2 fb b5 63 13 9d ce
54 ......F....c...T
00b0: a8 bc 61 02 7c 9b a4 4a b5 e4 97 5d 04 6d 68
26 ..a.|..J...].mh&
00c0: e3 1a 4c 34 2d d5 ac 13 1d ee a4 24 53 2b 27
d8 ..L4-......$S+'.
00d0: 5e 3a 72 f3 7d 38 09 8b 0b b0 10 3a 84 66 fa 49
^:r.}8.....:.f.I
00e0: 04 76 92 14 0b e4 91 0a 5f 08 d0 d7 36 5b cf
c2 .v......_...6[..
00f0: 0e a6 05 b9 77 28 73 43 62 85 0e 6e 86 c0 d1
3e ....w(sCb..n...>
0100: a5 2e 7b ba c8 1e 1d e2 ce c0 53 04 aa f3 5c
ac ..{.......S...\.
0110: 2b 98 d5 b2 0c b9 95 be 21 c7 df cf 6b ce 9f af
+.......!...k...
0120: 29 c4 b5 ea 89 04 16 ec 6a 3b 93 79 34 99 9e c1
).......j;.y4...
0130: c1 92 66 f3 d1 3f c2 87 84 a2 b4 1b 69 ea 11
eb ..f..?......i...
0140: 93 bc d3 9b 55 eb 4f 8b 3b c2 dc 18 10 9d 89
76 ....U.O.;......v
0150: 0b 1d 5a 9f 8c 82 47 d8 de 24 5c e1 18 e1 e1
a3 ..Z...G..$\.....
0160: e1 e2 db 94 fa 20 c4 63 c6 68 03 d3 79 d8 37
b1 ..... .c.h..y.7.
0170: 67 a5 21 18 4e 38 37 2d 57 7d e5 83 97 a4 df 9f
g.!.N87-W}......
0180: d0 72 18 76 b9 1b 7d 6b fd 2b db 0d ce 7a 1c
f5 .r.v..}k.+...z..
0190: cf 47 35 fd ef e0 86 15 a7 79 d0 91 f0 31 0c
02 .G5......y...1..
01a0: f5 f9 96 07 15 b5 d1 bf cf 6e a4 81 cc 30 81
c9 .........n...0..
01b0: a0 03 02 01 12 a2 81 c1 04 81 be f4 d4 c2 6c
9f ..............l.
01c0: 6b 72 ad 63 cf ed a5 9b 09 e2 b9 d1 8a 75 4f 95
kr.c.........uO.
01d0: 0d 02 7c 8f 30 c6 39 3f 77 8d 05 09 18 bc 6c
6f ..|.0.9?w.....lo
01e0: 28 cb a2 8d 25 6f cd c0 d0 5f 1e 30 81 02 88 1a (...%
o..._.0....
01f0: 8d 90 2d 0a a8 e4 89 d6 a4 52 00 58 7b 85 d1
6a ..-......R.X{..j
0200: 7b c6 d5 6e 3b d1 c6 5e db 86 3a 21 bb ea ff 33
{..n;..^..:!...3
0210: b1 e6 0c c6 8f cc 71 46 a4 29 7c 29 4b dd 7f 7b ......qF.)|
)K..{
0220: 40 03 4d 79 e4 54 b5 21 08 e9 a5 96 9f 3c 96 3c
@.My.T.!.....<.<
0230: 0b 89 ed 52 d6 1a 74 44 f6 95 cc 77 db 03 38
86 ...R..tD...w..8.
0240: 65 b3 db 87 75 3d 1b 1d f0 ad f2 f1 b3 e8 29 17
e...u=........).
0250: a5 2d 43 d1 d3 35 9d fe 87 72 90 44 bd d0 b1
58 .-C..5...r.D...X
0260: e8 64 dd 93 5c b8 f8 5c 70 9f 7f 1d a0 9b 6e
be .d..\..\p.....n.
0270: 29 24 a7 3e 9a 34 f4 c3 6a
)$.>.4..j
ldap_msgfree
ldap_result ld 0x8058520 msgid 2
wait4msg ld 0x8058520 msgid 2 (infinite timeout)
wait4msg continue ld 0x8058520 msgid 2 all 1
** ld 0x8058520 Connections:
* host: (null) port: 0 (default)
refcnt: 2 status: Connected
last used: Thu Feb 9 15:30:01 2012
** ld 0x8058520 Outstanding Requests:
* msgid 2, origid 2, status InProgress
outstanding referrals 0, parent count 0
ld 0x8058520 request count 1 (abandoned 0)
** ld 0x8058520 Response Queue:
Empty
ld 0x8058520 response count 0
ldap_chkResponseList ld 0x8058520 msgid 2 all 1
ldap_chkResponseList returns ld 0x8058520 NULL
ldap_int_select
read1msg: ld 0x8058520 msgid 2 all 1
ber_get_next
ldap_read: want=8, got=8
0000: 30 81 ec 02 01 02 61 81
0.....a.
ldap_read: want=231, got=231
0000: e6 0a 01 0e 04 00 04 40 53 41 53 4c 28 30 29
3a .......@SASL(0):
0010: 20 73 75 63 63 65 73 73 66 75 6c 20 72 65 73 75 successful
resu
0020: 6c 74 3a 20 73 65 63 75 72 69 74 79 20 66 6c 61 lt: security
fla
0030: 67 73 20 64 6f 20 6e 6f 74 20 6d 61 74 63 68 20 gs do not
match
0040: 72 65 71 75 69 72 65 64 87 81 9c 60 81 99 06 09
required...`....
0050: 2a 86 48 86 f7 12 01 02 02 02 00 6f 81 89 30 81
*.H........o..0.
0060: 86 a0 03 02 01 05 a1 03 02 01 0f a2 7a 30 78
a0 ............z0x.
0070: 03 02 01 12 a2 71 04 6f 7e 89 45 11 0e 7a 4b
05 .....q.o~.E..zK.
0080: 37 fe ac 8f 2c 71 5f ed 60 af 26 39 57 b2 2e f4
7...,q_.`.&9W...
0090: 68 e2 01 39 27 19 55 a6 2d 27 06 8c a8 ba b1 db
h..9'.U.-'......
00a0: 33 e3 91 51 89 0a 3b 7a 8b 41 03 ec 2d 44 f0 88
3..Q..;z.A..-D..
00b0: 31 e5 32 12 98 5f db 22 cd b1 2e d2 15 22 d1 7c
1.2.._.".....".|
00c0: d9 7f 48 aa 9e 27 84 a2 cd 36 02 cf 26 94 0d
71 ..H..'...6..&..q
00d0: 26 5e 66 45 af 86 34 de b1 5d 9a 53 40 df ce f1
&^fE..4..].S@...
00e0: 65 d7 7e d2 b5 1f d9
e.~....
ber_get_next: tag 0x30 len 236 contents:
ber_dump: buf=0x8066930 ptr=0x8066930 end=0x8066a1c len=236
0000: 02 01 02 61 81 e6 0a 01 0e 04 00 04 40 53 41
53 ...a........@SAS
0010: 4c 28 30 29 3a 20 73 75 63 63 65 73 73 66 75 6c L(0):
successful
0020: 20 72 65 73 75 6c 74 3a 20 73 65 63 75 72 69 74 result:
securit
0030: 79 20 66 6c 61 67 73 20 64 6f 20 6e 6f 74 20 6d y flags do
not m
0040: 61 74 63 68 20 72 65 71 75 69 72 65 64 87 81 9c atch
required...
0050: 60 81 99 06 09 2a 86 48 86 f7 12 01 02 02 02 00
`....*.H........
0060: 6f 81 89 30 81 86 a0 03 02 01 05 a1 03 02 01 0f
o..0............
0070: a2 7a 30 78 a0 03 02 01 12 a2 71 04 6f 7e 89
45 .z0x......q.o~.E
0080: 11 0e 7a 4b 05 37 fe ac 8f 2c 71 5f ed 60 af
26 ..zK.7...,q_.`.&
0090: 39 57 b2 2e f4 68 e2 01 39 27 19 55 a6 2d 27 06
9W...h..9'.U.-'.
00a0: 8c a8 ba b1 db 33 e3 91 51 89 0a 3b 7a 8b 41
03 .....3..Q..;z.A.
00b0: ec 2d 44 f0 88 31 e5 32 12 98 5f db 22 cd b1
2e .-D..1.2.._."...
00c0: d2 15 22 d1 7c d9 7f 48 aa 9e 27 84 a2 cd 36
02 ..".|..H..'...6.
00d0: cf 26 94 0d 71 26 5e 66 45 af 86 34 de b1 5d
9a .&..q&^fE..4..].
00e0: 53 40 df ce f1 65 d7 7e d2 b5 1f d9
S@...e.~....
read1msg: ld 0x8058520 msgid 2 message type bind
ber_scanf fmt ({eAA) ber:
ber_dump: buf=0x8066930 ptr=0x8066933 end=0x8066a1c len=233
0000: 61 81 e6 0a 01 0e 04 00 04 40 53 41 53 4c 28 30
a........@SASL(0
0010: 29 3a 20 73 75 63 63 65 73 73 66 75 6c 20 72 65 ):
successful re
0020: 73 75 6c 74 3a 20 73 65 63 75 72 69 74 79 20 66 sult:
security f
0030: 6c 61 67 73 20 64 6f 20 6e 6f 74 20 6d 61 74 63 lags do not
matc
0040: 68 20 72 65 71 75 69 72 65 64 87 81 9c 60 81 99 h
required...`..
0050: 06 09 2a 86 48 86 f7 12 01 02 02 02 00 6f 81
89 ..*.H........o..
0060: 30 81 86 a0 03 02 01 05 a1 03 02 01 0f a2 7a 30
0.............z0
0070: 78 a0 03 02 01 12 a2 71 04 6f 7e 89 45 11 0e 7a
x......q.o~.E..z
0080: 4b 05 37 fe ac 8f 2c 71 5f ed 60 af 26 39 57 b2
K.7...,q_.`.&9W.
0090: 2e f4 68 e2 01 39 27 19 55 a6 2d 27 06 8c a8
ba ..h..9'.U.-'....
00a0: b1 db 33 e3 91 51 89 0a 3b 7a 8b 41 03 ec 2d
44 ..3..Q..;z.A..-D
00b0: f0 88 31 e5 32 12 98 5f db 22 cd b1 2e d2 15
22 ..1.2.._."....."
00c0: d1 7c d9 7f 48 aa 9e 27 84 a2 cd 36 02 cf 26
94 .|..H..'...6..&.
00d0: 0d 71 26 5e 66 45 af 86 34 de b1 5d 9a 53 40
df .q&^fE..4..].S@.
00e0: ce f1 65 d7 7e d2 b5 1f
d9 ..e.~....
read1msg: ld 0x8058520 0 new referrals
read1msg: mark request completed, ld 0x8058520 msgid 2
request done: ld 0x8058520 msgid 2
res_errno: 14, res_error: <SASL(0): successful result: security flags do
not match required>, res_matched: <>
ldap_free_request (origid 2, msgid 2)
ldap_int_sasl_bind: <null>
ldap_parse_sasl_bind_result
ber_scanf fmt ({eAA) ber:
ber_dump: buf=0x8066930 ptr=0x8066933 end=0x8066a1c len=233
0000: 61 81 e6 0a 01 0e 04 00 04 40 53 41 53 4c 28 30
a........@SASL(0
0010: 29 3a 20 73 75 63 63 65 73 73 66 75 6c 20 72 65 ):
successful re
0020: 73 75 6c 74 3a 20 73 65 63 75 72 69 74 79 20 66 sult:
security f
0030: 6c 61 67 73 20 64 6f 20 6e 6f 74 20 6d 61 74 63 lags do not
matc
0040: 68 20 72 65 71 75 69 72 65 64 87 81 9c 60 81 99 h
required...`..
0050: 06 09 2a 86 48 86 f7 12 01 02 02 02 00 6f 81
89 ..*.H........o..
0060: 30 81 86 a0 03 02 01 05 a1 03 02 01 0f a2 7a 30
0.............z0
0070: 78 a0 03 02 01 12 a2 71 04 6f 7e 89 45 11 0e 7a
x......q.o~.E..z
0080: 4b 05 37 fe ac 8f 2c 71 5f ed 60 af 26 39 57 b2
K.7...,q_.`.&9W.
0090: 2e f4 68 e2 01 39 27 19 55 a6 2d 27 06 8c a8
ba ..h..9'.U.-'....
00a0: b1 db 33 e3 91 51 89 0a 3b 7a 8b 41 03 ec 2d
44 ..3..Q..;z.A..-D
00b0: f0 88 31 e5 32 12 98 5f db 22 cd b1 2e d2 15
22 ..1.2.._."....."
00c0: d1 7c d9 7f 48 aa 9e 27 84 a2 cd 36 02 cf 26
94 .|..H..'...6..&.
00d0: 0d 71 26 5e 66 45 af 86 34 de b1 5d 9a 53 40
df .q&^fE..4..].S@.
00e0: ce f1 65 d7 7e d2 b5 1f
d9 ..e.~....
ber_scanf fmt (O) ber:
ber_dump: buf=0x8066930 ptr=0x806697d end=0x8066a1c len=159
0000: 87 81 9c 60 81 99 06 09 2a 86 48 86 f7 12 01
02 ...`....*.H.....
0010: 02 02 00 6f 81 89 30 81 86 a0 03 02 01 05 a1
03 ...o..0.........
0020: 02 01 0f a2 7a 30 78 a0 03 02 01 12 a2 71 04
6f ....z0x......q.o
0030: 7e 89 45 11 0e 7a 4b 05 37 fe ac 8f 2c 71 5f ed
~.E..zK.7...,q_.
0040: 60 af 26 39 57 b2 2e f4 68 e2 01 39 27 19 55 a6
`.&9W...h..9'.U.
0050: 2d 27 06 8c a8 ba b1 db 33 e3 91 51 89 0a 3b 7a
-'......3..Q..;z
0060: 8b 41 03 ec 2d 44 f0 88 31 e5 32 12 98 5f db
22 .A..-D..1.2.._."
0070: cd b1 2e d2 15 22 d1 7c d9 7f 48 aa 9e 27 84
a2 .....".|..H..'..
0080: cd 36 02 cf 26 94 0d 71 26 5e 66 45 af 86 34
de .6..&..q&^fE..4.
0090: b1 5d 9a 53 40 df ce f1 65 d7 7e d2 b5 1f
d9 .].S@...e.~....
ldap_parse_result
ber_scanf fmt ({iAA) ber:
ber_dump: buf=0x8066930 ptr=0x8066933 end=0x8066a1c len=233
0000: 61 81 e6 0a 01 0e 04 00 04 40 53 41 53 4c 28 30
a........@SASL(0
0010: 29 3a 20 73 75 63 63 65 73 73 66 75 6c 20 72 65 ):
successful re
0020: 73 75 6c 74 3a 20 73 65 63 75 72 69 74 79 20 66 sult:
security f
0030: 6c 61 67 73 20 64 6f 20 6e 6f 74 20 6d 61 74 63 lags do not
matc
0040: 68 20 72 65 71 75 69 72 65 64 87 81 9c 60 81 99 h
required...`..
0050: 06 09 2a 86 48 86 f7 12 01 02 02 02 00 6f 81
89 ..*.H........o..
0060: 30 81 86 a0 03 02 01 05 a1 03 02 01 0f a2 7a 30
0.............z0
0070: 78 a0 03 02 01 12 a2 71 04 6f 7e 89 45 11 0e 7a
x......q.o~.E..z
0080: 4b 05 37 fe ac 8f 2c 71 5f ed 60 af 26 39 57 b2
K.7...,q_.`.&9W.
0090: 2e f4 68 e2 01 39 27 19 55 a6 2d 27 06 8c a8
ba ..h..9'.U.-'....
00a0: b1 db 33 e3 91 51 89 0a 3b 7a 8b 41 03 ec 2d
44 ..3..Q..;z.A..-D
00b0: f0 88 31 e5 32 12 98 5f db 22 cd b1 2e d2 15
22 ..1.2.._."....."
00c0: d1 7c d9 7f 48 aa 9e 27 84 a2 cd 36 02 cf 26
94 .|..H..'...6..&.
00d0: 0d 71 26 5e 66 45 af 86 34 de b1 5d 9a 53 40
df .q&^fE..4..].S@.
00e0: ce f1 65 d7 7e d2 b5 1f
d9 ..e.~....
ber_scanf fmt (x) ber:
ber_dump: buf=0x8066930 ptr=0x806697d end=0x8066a1c len=159
0000: 87 81 9c 60 81 99 06 09 2a 86 48 86 f7 12 01
02 ...`....*.H.....
0010: 02 02 00 6f 81 89 30 81 86 a0 03 02 01 05 a1
03 ...o..0.........
0020: 02 01 0f a2 7a 30 78 a0 03 02 01 12 a2 71 04
6f ....z0x......q.o
0030: 7e 89 45 11 0e 7a 4b 05 37 fe ac 8f 2c 71 5f ed
~.E..zK.7...,q_.
0040: 60 af 26 39 57 b2 2e f4 68 e2 01 39 27 19 55 a6
`.&9W...h..9'.U.
0050: 2d 27 06 8c a8 ba b1 db 33 e3 91 51 89 0a 3b 7a
-'......3..Q..;z
0060: 8b 41 03 ec 2d 44 f0 88 31 e5 32 12 98 5f db
22 .A..-D..1.2.._."
0070: cd b1 2e d2 15 22 d1 7c d9 7f 48 aa 9e 27 84
a2 .....".|..H..'..
0080: cd 36 02 cf 26 94 0d 71 26 5e 66 45 af 86 34
de .6..&..q&^fE..4.
0090: b1 5d 9a 53 40 df ce f1 65 d7 7e d2 b5 1f
d9 .].S@...e.~....
ber_scanf fmt (}) ber:
ber_dump: buf=0x8066930 ptr=0x8066a1c end=0x8066a1c len=0
sasl_client_step: 1
ldap_sasl_bind
ldap_send_initial_request
ldap_send_server_request
ber_scanf fmt ({it) ber:
ber_dump: buf=0x80673c8 ptr=0x80673c8 end=0x80673de len=22
0000: 30 14 02 01 03 60 0f 02 01 03 04 00 a3 08 04 06
0....`..........
0010: 47 53 53 41 50 49
GSSAPI
ber_scanf fmt ({i) ber:
ber_dump: buf=0x80673c8 ptr=0x80673cd end=0x80673de len=17
0000: 60 0f 02 01 03 04 00 a3 08 04 06 47 53 53 41 50
`..........GSSAP
0010: 49
I
ber_flush2: 22 bytes to sd 4
0000: 30 14 02 01 03 60 0f 02 01 03 04 00 a3 08 04 06
0....`..........
0010: 47 53 53 41 50 49
GSSAPI
ldap_write: want=22, written=22
0000: 30 14 02 01 03 60 0f 02 01 03 04 00 a3 08 04 06
0....`..........
0010: 47 53 53 41 50 49
GSSAPI
ldap_msgfree
ldap_result ld 0x8058520 msgid 3
wait4msg ld 0x8058520 msgid 3 (infinite timeout)
wait4msg continue ld 0x8058520 msgid 3 all 1
** ld 0x8058520 Connections:
* host: (null) port: 0 (default)
refcnt: 2 status: Connected
last used: Thu Feb 9 15:30:01 2012
** ld 0x8058520 Outstanding Requests:
* msgid 3, origid 3, status InProgress
outstanding referrals 0, parent count 0
ld 0x8058520 request count 1 (abandoned 0)
** ld 0x8058520 Response Queue:
Empty
ld 0x8058520 response count 0
ldap_chkResponseList ld 0x8058520 msgid 3 all 1
ldap_chkResponseList returns ld 0x8058520 NULL
ldap_int_select
read1msg: ld 0x8058520 msgid 3 all 1
ber_get_next
ldap_read: want=8, got=8
0000: 30 6e 02 01 03 61 69 0a
0n...ai.
ldap_read: want=104, got=104
0000: 01 0e 04 00 04 40 53 41 53 4c 28 30 29 3a 20
73 .....@SASL(0): s
0010: 75 63 63 65 73 73 66 75 6c 20 72 65 73 75 6c 74 uccessful
result
0020: 3a 20 73 65 63 75 72 69 74 79 20 66 6c 61 67 73 : security
flags
0030: 20 64 6f 20 6e 6f 74 20 6d 61 74 63 68 20 72 65 do not
match re
0040: 71 75 69 72 65 64 87 20 05 04 05 ff 00 0c 00 00
quired. ........
0050: 00 00 00 00 12 b9 aa 10 07 01 00 00 df 4c f1
71 .............L.q
0060: 90 07 ff bd 17 a8 c4
a4 ........
ber_get_next: tag 0x30 len 110 contents:
ber_dump: buf=0x8066ea0 ptr=0x8066ea0 end=0x8066f0e len=110
0000: 02 01 03 61 69 0a 01 0e 04 00 04 40 53 41 53
4c ...ai......@SASL
0010: 28 30 29 3a 20 73 75 63 63 65 73 73 66 75 6c 20 (0):
successful
0020: 72 65 73 75 6c 74 3a 20 73 65 63 75 72 69 74 79 result:
security
0030: 20 66 6c 61 67 73 20 64 6f 20 6e 6f 74 20 6d 61 flags do
not ma
0040: 74 63 68 20 72 65 71 75 69 72 65 64 87 20 05 04 tch
required. ..
0050: 05 ff 00 0c 00 00 00 00 00 00 12 b9 aa 10 07
01 ................
0060: 00 00 df 4c f1 71 90 07 ff bd 17 a8 c4
a4 ...L.q........
read1msg: ld 0x8058520 msgid 3 message type bind
ber_scanf fmt ({eAA) ber:
ber_dump: buf=0x8066ea0 ptr=0x8066ea3 end=0x8066f0e len=107
0000: 61 69 0a 01 0e 04 00 04 40 53 41 53 4c 28 30 29
ai......@SASL(0)
0010: 3a 20 73 75 63 63 65 73 73 66 75 6c 20 72 65 73 : successful
res
0020: 75 6c 74 3a 20 73 65 63 75 72 69 74 79 20 66 6c ult:
security fl
0030: 61 67 73 20 64 6f 20 6e 6f 74 20 6d 61 74 63 68 ags do not
match
0040: 20 72 65 71 75 69 72 65 64 87 20 05 04 05 ff 00
required. .....
0050: 0c 00 00 00 00 00 00 12 b9 aa 10 07 01 00 00
df ................
0060: 4c f1 71 90 07 ff bd 17 a8 c4 a4
L.q........
read1msg: ld 0x8058520 0 new referrals
read1msg: mark request completed, ld 0x8058520 msgid 3
request done: ld 0x8058520 msgid 3
res_errno: 14, res_error: <SASL(0): successful result: security flags do
not match required>, res_matched: <>
ldap_free_request (origid 3, msgid 3)
ldap_int_sasl_bind: <null>
ldap_parse_sasl_bind_result
ber_scanf fmt ({eAA) ber:
ber_dump: buf=0x8066ea0 ptr=0x8066ea3 end=0x8066f0e len=107
0000: 61 69 0a 01 0e 04 00 04 40 53 41 53 4c 28 30 29
ai......@SASL(0)
0010: 3a 20 73 75 63 63 65 73 73 66 75 6c 20 72 65 73 : successful
res
0020: 75 6c 74 3a 20 73 65 63 75 72 69 74 79 20 66 6c ult:
security fl
0030: 61 67 73 20 64 6f 20 6e 6f 74 20 6d 61 74 63 68 ags do not
match
0040: 20 72 65 71 75 69 72 65 64 87 20 05 04 05 ff 00
required. .....
0050: 0c 00 00 00 00 00 00 12 b9 aa 10 07 01 00 00
df ................
0060: 4c f1 71 90 07 ff bd 17 a8 c4 a4
L.q........
ber_scanf fmt (O) ber:
ber_dump: buf=0x8066ea0 ptr=0x8066eec end=0x8066f0e len=34
0000: 87 20 05 04 05 ff 00 0c 00 00 00 00 00 00 12
b9 . ..............
0010: aa 10 07 01 00 00 df 4c f1 71 90 07 ff bd 17
a8 .......L.q......
0020: c4
a4 ..
ldap_parse_result
ber_scanf fmt ({iAA) ber:
ber_dump: buf=0x8066ea0 ptr=0x8066ea3 end=0x8066f0e len=107
0000: 61 69 0a 01 0e 04 00 04 40 53 41 53 4c 28 30 29
ai......@SASL(0)
0010: 3a 20 73 75 63 63 65 73 73 66 75 6c 20 72 65 73 : successful
res
0020: 75 6c 74 3a 20 73 65 63 75 72 69 74 79 20 66 6c ult:
security fl
0030: 61 67 73 20 64 6f 20 6e 6f 74 20 6d 61 74 63 68 ags do not
match
0040: 20 72 65 71 75 69 72 65 64 87 20 05 04 05 ff 00
required. .....
0050: 0c 00 00 00 00 00 00 12 b9 aa 10 07 01 00 00
df ................
0060: 4c f1 71 90 07 ff bd 17 a8 c4 a4
L.q........
ber_scanf fmt (x) ber:
ber_dump: buf=0x8066ea0 ptr=0x8066eec end=0x8066f0e len=34
0000: 87 20 05 04 05 ff 00 0c 00 00 00 00 00 00 12
b9 . ..............
0010: aa 10 07 01 00 00 df 4c f1 71 90 07 ff bd 17
a8 .......L.q......
0020: c4
a4 ..
ber_scanf fmt (}) ber:
ber_dump: buf=0x8066ea0 ptr=0x8066f0e end=0x8066f0e len=0
sasl_client_step: 0
ldap_sasl_bind
ldap_send_initial_request
ldap_send_server_request
ber_scanf fmt ({it) ber:
ber_dump: buf=0x80675e0 ptr=0x80675e0 end=0x8067618 len=56
0000: 30 36 02 01 04 60 31 02 01 03 04 00 a3 2a 04 06
06...`1......*..
0010: 47 53 53 41 50 49 04 20 05 04 04 ff 00 0c 00 00
GSSAPI. ........
0020: 00 00 00 00 14 7c 59 12 04 ff ff ff df d0 e2 d4 .....|
Y.........
0030: ba 92 ed 68 ba 85 78
97 ...h..x.
ber_scanf fmt ({i) ber:
ber_dump: buf=0x80675e0 ptr=0x80675e5 end=0x8067618 len=51
0000: 60 31 02 01 03 04 00 a3 2a 04 06 47 53 53 41 50
`1......*..GSSAP
0010: 49 04 20 05 04 04 ff 00 0c 00 00 00 00 00 00 14
I. .............
0020: 7c 59 12 04 ff ff ff df d0 e2 d4 ba 92 ed 68 ba |
Y............h.
0030: 85 78
97 .x.
ber_flush2: 56 bytes to sd 4
0000: 30 36 02 01 04 60 31 02 01 03 04 00 a3 2a 04 06
06...`1......*..
0010: 47 53 53 41 50 49 04 20 05 04 04 ff 00 0c 00 00
GSSAPI. ........
0020: 00 00 00 00 14 7c 59 12 04 ff ff ff df d0 e2 d4 .....|
Y.........
0030: ba 92 ed 68 ba 85 78
97 ...h..x.
ldap_write: want=56, written=56
0000: 30 36 02 01 04 60 31 02 01 03 04 00 a3 2a 04 06
06...`1......*..
0010: 47 53 53 41 50 49 04 20 05 04 04 ff 00 0c 00 00
GSSAPI. ........
0020: 00 00 00 00 14 7c 59 12 04 ff ff ff df d0 e2 d4 .....|
Y.........
0030: ba 92 ed 68 ba 85 78
97 ...h..x.
ldap_msgfree
ldap_result ld 0x8058520 msgid 4
wait4msg ld 0x8058520 msgid 4 (infinite timeout)
wait4msg continue ld 0x8058520 msgid 4 all 1
** ld 0x8058520 Connections:
* host: (null) port: 0 (default)
refcnt: 2 status: Connected
last used: Thu Feb 9 15:30:01 2012
** ld 0x8058520 Outstanding Requests:
* msgid 4, origid 4, status InProgress
outstanding referrals 0, parent count 0
ld 0x8058520 request count 1 (abandoned 0)
** ld 0x8058520 Response Queue:
Empty
ld 0x8058520 response count 0
ldap_chkResponseList ld 0x8058520 msgid 4 all 1
ldap_chkResponseList returns ld 0x8058520 NULL
ldap_int_select
read1msg: ld 0x8058520 msgid 4 all 1
ber_get_next
ldap_read: want=8, got=8
0000: 30 0c 02 01 04 61 07 0a
0....a..
ldap_read: want=6, got=6
0000: 01 00 04 00 04
00 ......
ber_get_next: tag 0x30 len 12 contents:
ber_dump: buf=0x8066a10 ptr=0x8066a10 end=0x8066a1c len=12
0000: 02 01 04 61 07 0a 01 00 04 00 04
00 ...a........
read1msg: ld 0x8058520 msgid 4 message type bind
ber_scanf fmt ({eAA) ber:
ber_dump: buf=0x8066a10 ptr=0x8066a13 end=0x8066a1c len=9
0000: 61 07 0a 01 00 04 00 04 00
a........
read1msg: ld 0x8058520 0 new referrals
read1msg: mark request completed, ld 0x8058520 msgid 4
request done: ld 0x8058520 msgid 4
res_errno: 0, res_error: <>, res_matched: <>
ldap_free_request (origid 4, msgid 4)
ldap_int_sasl_bind: <null>
ldap_parse_sasl_bind_result
ber_scanf fmt ({eAA) ber:
ber_dump: buf=0x8066a10 ptr=0x8066a13 end=0x8066a1c len=9
0000: 61 07 0a 01 00 04 00 04 00
a........
ldap_parse_result
ber_scanf fmt ({iAA) ber:
ber_dump: buf=0x8066a10 ptr=0x8066a13 end=0x8066a1c len=9
0000: 61 07 0a 01 00 04 00 04 00
a........
ber_scanf fmt (}) ber:
ber_dump: buf=0x8066a10 ptr=0x8066a1c end=0x8066a1c len=0
SASL username: dsavard(a)CIDS.CA
SASL SSF: 56
ldap_pvt_sasl_generic_install
SASL data security layer installed.
ldap_msgfree
ldap_extended_operation
ldap_send_initial_request
ldap_send_server_request
ber_scanf fmt ({it) ber:
ber_dump: buf=0x80685e8 ptr=0x80685e8 end=0x8068608 len=32
0000: 30 1e 02 01 05 77 19 80 17 31 2e 33 2e 36 2e 31
0....w...1.3.6.1
0010: 2e 34 2e 31 2e 34 32 30 33 2e 31 2e 31 31 2e
33 .4.1.4203.1.11.3
ber_scanf fmt ({) ber:
ber_dump: buf=0x80685e8 ptr=0x80685ed end=0x8068608 len=27
0000: 77 19 80 17 31 2e 33 2e 36 2e 31 2e 34 2e 31 2e
w...1.3.6.1.4.1.
0010: 34 32 30 33 2e 31 2e 31 31 2e 33
4203.1.11.3
ber_flush2: 32 bytes to sd 4
0000: 30 1e 02 01 05 77 19 80 17 31 2e 33 2e 36 2e 31
0....w...1.3.6.1
0010: 2e 34 2e 31 2e 34 32 30 33 2e 31 2e 31 31 2e
33 .4.1.4203.1.11.3
sasl_generic_write: want=96, written=96
0000: 00 00 00 5c 05 04 06 ff 00 00 00 00 00 00 00
00 ...\............
0010: 14 7c 59 13 19 70 b3 cc d8 3f 49 e8 75 23 72 34 .|
Y..p...?I.u#r4
0020: e3 36 1f 76 8b b5 33 a9 f0 f7 b7 e7 a6 03 39
5a .6.v..3.......9Z
0030: aa ff 48 4a f1 7d ff 50 1e 4c 70 42 1e 70 f9
1a ..HJ.}.P.LpB.p..
0040: 1b a6 98 d3 ac 1f fa 0b 7c 74 5f a2 bb 33 8a 11 ........|
t_..3..
0050: d5 71 97 a5 22 e6 cb 58 4a b9 22 c7 9e 49 f0
ac .q.."..XJ."..I..
ldap_write: want=32, written=32
0000: 30 1e 02 01 05 77 19 80 17 31 2e 33 2e 36 2e 31
0....w...1.3.6.1
0010: 2e 34 2e 31 2e 34 32 30 33 2e 31 2e 31 31 2e
33 .4.1.4203.1.11.3
ldap_result ld 0x8058520 msgid -1
wait4msg ld 0x8058520 msgid -1 (timeout 100000 usec)
wait4msg continue ld 0x8058520 msgid -1 all 1
** ld 0x8058520 Connections:
* host: (null) port: 0 (default)
refcnt: 2 status: Connected
last used: Thu Feb 9 15:30:01 2012
** ld 0x8058520 Outstanding Requests:
* msgid 5, origid 5, status InProgress
outstanding referrals 0, parent count 0
ld 0x8058520 request count 1 (abandoned 0)
** ld 0x8058520 Response Queue:
Empty
ld 0x8058520 response count 0
ldap_chkResponseList ld 0x8058520 msgid -1 all 1
ldap_chkResponseList returns ld 0x8058520 NULL
ldap_int_select
read1msg: ld 0x8058520 msgid -1 all 1
ber_get_next
sasl_generic_read: want=4, got=4
0000: 00 00 00
6d ...m
sasl_generic_read: want=109, got=109
0000: 05 04 07 ff 00 00 00 00 00 00 00 00 12 b9 aa
11 ................
0010: 2c b0 59 b7 a7 26 8a 02 2e 10 76 24 d1 2a 65 7f ,.Y..&....v
$.*e.
0020: 06 fd ba 3c a5 23 0d d9 7a 3a 9d 05 0c 29 fc
1d ...<.#..z:...)..
0030: 7e 4f 6f db 0c 0e da 33 33 5b dc fb 58 2c 76 d9
~Oo....33[..X,v.
0040: af ff 86 32 cc f2 08 9e e4 05 01 db 55 e8 9d
41 ...2........U..A
0050: 79 07 3f fc 60 bb e8 09 bb 67 a9 84 9c e6 61 28
y.?.`....g....a(
0060: dc f7 ee 69 eb a4 25 bf 93 42 14 4d
e7 ...i..%..B.M.
ldap_read: want=8, got=8
0000: 30 2f 02 01 05 78 2a 0a
0/...x*.
ldap_read: want=41, got=41
0000: 01 00 04 00 04 00 8b 21 64 6e 3a 63 6e 3d 64 61 .......!
dn:cn=da
0010: 6e 69 65 6c 20 73 61 76 61 72 64 2c 64 63 3d 63 niel
savard,dc=c
0020: 69 64 73 2c 64 63 3d 63 61
ids,dc=ca
ber_get_next: tag 0x30 len 47 contents:
ber_dump: buf=0x8069af8 ptr=0x8069af8 end=0x8069b27 len=47
0000: 02 01 05 78 2a 0a 01 00 04 00 04 00 8b 21 64
6e ...x*........!dn
0010: 3a 63 6e 3d 64 61 6e 69 65 6c 20 73 61 76 61 72 :cn=daniel
savar
0020: 64 2c 64 63 3d 63 69 64 73 2c 64 63 3d 63 61
d,dc=cids,dc=ca
read1msg: ld 0x8058520 msgid 5 message type extended-result
ber_scanf fmt ({eAA) ber:
ber_dump: buf=0x8069af8 ptr=0x8069afb end=0x8069b27 len=44
0000: 78 2a 0a 01 00 04 00 04 00 8b 21 64 6e 3a 63 6e x*........!
dn:cn
0010: 3d 64 61 6e 69 65 6c 20 73 61 76 61 72 64 2c 64 =daniel
savard,d
0020: 63 3d 63 69 64 73 2c 64 63 3d 63 61
c=cids,dc=ca
read1msg: ld 0x8058520 0 new referrals
read1msg: mark request completed, ld 0x8058520 msgid 5
request done: ld 0x8058520 msgid 5
res_errno: 0, res_error: <>, res_matched: <>
ldap_free_request (origid 5, msgid 5)
ldap_parse_result
ber_scanf fmt ({iAA) ber:
ber_dump: buf=0x8069af8 ptr=0x8069afb end=0x8069b27 len=44
0000: 78 2a 0a 01 00 04 00 04 00 8b 21 64 6e 3a 63 6e x*........!
dn:cn
0010: 3d 64 61 6e 69 65 6c 20 73 61 76 61 72 64 2c 64 =daniel
savard,d
0020: 63 3d 63 69 64 73 2c 64 63 3d 63 61
c=cids,dc=ca
ber_scanf fmt (x) ber:
ber_dump: buf=0x8069af8 ptr=0x8069b04 end=0x8069b27 len=35
0000: 8b 21 64 6e 3a 63 6e 3d 64 61 6e 69 65 6c 20 73 .!
dn:cn=daniel s
0010: 61 76 61 72 64 2c 64 63 3d 63 69 64 73 2c 64 63
avard,dc=cids,dc
0020: 3d 63 61
=ca
ber_scanf fmt (}) ber:
ber_dump: buf=0x8069af8 ptr=0x8069b27 end=0x8069b27 len=0
ldap_parse_extended_result
ber_scanf fmt ({eAA) ber:
ber_dump: buf=0x8069af8 ptr=0x8069afb end=0x8069b27 len=44
0000: 78 2a 0a 01 00 04 00 04 00 8b 21 64 6e 3a 63 6e x*........!
dn:cn
0010: 3d 64 61 6e 69 65 6c 20 73 61 76 61 72 64 2c 64 =daniel
savard,d
0020: 63 3d 63 69 64 73 2c 64 63 3d 63 61
c=cids,dc=ca
ber_scanf fmt (O) ber:
ber_dump: buf=0x8069af8 ptr=0x8069b04 end=0x8069b27 len=35
0000: 8b 21 64 6e 3a 63 6e 3d 64 61 6e 69 65 6c 20 73 .!
dn:cn=daniel s
0010: 61 76 61 72 64 2c 64 63 3d 63 69 64 73 2c 64 63
avard,dc=cids,dc
0020: 3d 63 61
=ca
dn:cn=daniel savard,dc=cids,dc=ca
ldap_msgfree
ldap_free_connection 1 1
ldap_send_unbind
ber_flush2: 7 bytes to sd 4
0000: 30 05 02 01 06 42 00
0....B.
sasl_generic_write: want=71, written=71
0000: 00 00 00 43 05 04 06 ff 00 00 00 00 00 00 00
00 ...C............
0010: 14 7c 59 14 62 4d d1 00 e2 51 30 43 8b bb 63 30 .|
Y.bM...Q0C..c0
0020: 8e 74 4e 91 57 f8 10 4a 9f ec b4 d2 b2 0c 33
bc .tN.W..J......3.
0030: 67 c8 06 09 2b 22 7f f2 be 26 12 b1 96 cc 8f 10
g...+"...&......
0040: 09 89 32 2a 02 11
d8 ..2*...
ldap_write: want=7, written=7
0000: 30 05 02 01 06 42 00
0....B.
ldap_free_connection: actually freed
Segmentation fault
THX
--
Daniel Savard
11 years, 8 months
cannot get base DN / suffix from ldap browsers
by Jehan Procaccia
Hello,
I cannot figure out why on one of my replicas, I cannot browse the DIT .
Apache Directory Studio for example, only show the "root DSE(2)", but
the base DN (namingContext or directory suffix, whatever you call it
...) isn't visible !?
on my others replicas and the master, everything is fine, I do browse
the DIT, the browser shows "root DSE(3)" with the suffix visible.
I might be missing something obvious, but cannot figure out what.
I checked ACL:
access to dn.base="" by * read
access to dn.base="cn=Subschema" by * read
access to dn.subtree="dc=int-evry,dc=fr"
by dn="cn=admin,dc=int-evry,dc=fr" write
by users read
but still, the suffix dc=int-evry,dc=f doesn't shows up on that
particular replica !?
I run openldap-servers-2.4.23-20.el6.i686 with cn=config created from a
slapd.conf transformed with slaptest -f .
Any help greatly appreciated .
11 years, 8 months
ACL in dynamic configuration
by Nick Milas
Hello,
I have converted from static (slapd.conf) to dynamic (cn=config)
configuration using auto file conversion.
I would like to ask a couple of questions regarding ACL conversion. Here
follows one of the rules we have in initial form (a), and after
conversion (b):
(a)
access to
dn.subtree="dc=xxx.xxx.xxx.in-addr.arpa,ou=dns1,dc=example,dc=gr"
attrs="children,entry"
by group.exact="cn=TechAdmins,ou=Groups,dc=example,dc=gr" write
by group.exact="cn=Dept1Admins,ou=Groups,dc=example,dc=gr" read
by group.exact="cn=Dept2Admins,ou=Groups,dc=example,dc=gr" write
by group.exact="cn=Dept3Admins,ou=Groups,dc=example,dc=gr" read
by group.exact="cn=Dept4Admins,ou=Groups,dc=example,dc=gr" read
by group.exact="cn=Dept5Admins,ou=Groups,dc=example,dc=gr" read
by group.exact="cn=GuestAdmins,ou=Groups,dc=example,dc=gr" read
by dn.exact="uid=dnsauthusr,ou=System,dc=example,dc=gr" read
by * break
(b) as an olcAccess attribute value:
{10}to
dn.subtree="dc=xxx.xxx.xxx.in-addr.arpa,ou=dns1,dc=example,dc=gr"
attrs=children,entry by
group/groupOfNames/member.exact="cn=techadmins,ou=groups,dc=example,dc=gr"
write by
group/groupOfNames/member.exact="cn=Dept1Admins,ou=groups,dc=example,dc=gr"
read by
group/groupOfNames/member.exact="cn=Dept2Admins,ou=groups,dc=example,dc=gr"
write by
group/groupOfNames/member.exact="cn=Dept3Admins,ou=groups,dc=example,dc=gr"
read by
group/groupOfNames/member.exact="cn=Dept4Admins,ou=groups,dc=example,dc=gr"
read by
group/groupOfNames/member.exact="cn=Dept5Admins,ou=groups,dc=example,dc=gr"
read by
group/groupOfNames/member.exact="cn=guestadmins,ou=groups,dc=example,dc=gr"
read by dn.base="uid=dnsauthusr,ou=system,dc=example,dc=gr" read by *
+0 break
Question 1.
Why "group.exact" was changed to "group/groupOfNames/member.exact" ?
Yes, groups are defined as entries of groupOfNames objectClass, with
members defined as values of attribute "member". But should it be like
that? Should we change (manually) "group/groupOfNames/member.exact" back
to "group.exact" again or not (and why)?
Question 2.
Is there a way we can add (manually, since conversion removed the ones
which existed in initial configuration files) line breaks in olcAccess
attribute value so it can be more legible (for administrative purposes)?
Question 3.
What is the "+0" added before "break" and why is needed?
Thanks in advance,
Nick
11 years, 8 months
OpenLDAP 2.4 : replication doesn't work when customer is stopped
by PROST Frédéric
Hello,
I configured MirrorMode replication between 2 openldap 2.4 node installed on Debian (from apt).
Everything is working fine when the two nodes are online but if I stop the second node, and add new datas to the first node, then restart the second node, the new data are not synced.
However, if I then add new datas on node 1, they are replicated to node2 without problem.
Here is a scenario of this problem :
1/ node1 and node 2 are online : I add user1 to node 1 => user1 appears on node2 => ok
2/ node1 is online and node2 is off : I add user2 on node1 => nothing happens on node2 as it is off => ok
3/ I restart node2 => user2 is not replicated to node2 => not ok
4/ node1 and node 2 are online : I add user3 to node 1 => user3 appears on node2 => ok
At the end of this scenario, node1 contains user1, user2 and user3 and node2 contains only user1 and user3 (but not user2).
How can I slove this problem ?
Thank you for your help,
Best regards,
Fred
Here is my config :
version: 1
dn: cn=config
objectClass: olcGlobal
cn: config
olcAllows: bind_v2
olcArgsFile: /var/run/slapd/slapd.args
olcLogLevel: any
olcPidFile: /var/run/slapd/slapd.pid
olcServerID: 1 ldap://192.168.1.103
olcServerID: 2 ldap://192.168.1.104
olcSizeLimit: 1000000
olcToolThreads: 1
dn: cn=module{0},cn=config
objectClass: olcModuleList
cn: module{0}
olcModuleLoad: {0}back_hdb
olcModuleLoad: {1}syncprov
olcModulePath: /usr/lib/ldap
dn: olcBackend={0}hdb,cn=config
objectClass: olcBackendConfig
olcBackend: {0}hdb
dn: olcDatabase={-1}frontend,cn=config
objectClass: olcDatabaseConfig
objectClass: olcFrontendConfig
olcDatabase: {-1}frontend
olcAccess: {0}to * by dn.exact=gidNumber=0+uidNumber=0,cn=peercred,cn=extern
al,cn=auth manage by * break
olcAccess: {1}to dn.exact="" by * read
olcAccess: {2}to dn.base="cn=Subschema" by * read
olcSizeLimit: 500
dn: olcDatabase={0}config,cn=config
objectClass: olcDatabaseConfig
olcDatabase: {0}config
olcAccess: {0}to * by dn.exact="uid=syncrepl,dc=tracteur91,dc=local" read by
* break
olcAccess: {1}to * by dn.exact=gidNumber=0+uidNumber=0,cn=peercred,cn=extern
al,cn=auth manage by * break
olcLimits: {0}dn.exact="uid=syncrepl,dc=tracteur91,dc=local" size=unlimited
olcMirrorMode: TRUE
olcRootDN: cn=admin,cn=config
olcRootPW: {MD5}BkY718PMIcgBNjpfXmGpOA==
olcSyncrepl: {0}rid=001 provider="ldap://192.168.1.103" searchbase="cn=confi
g" type=refreshAndPersist bindmethod=simple binddn="uid=syncrepl,dc=tracteu
r91,dc=local" credentials="Tr@cteur91" retry="30 +" network-timeout=5 timeo
ut=30
olcSyncrepl: {1}rid=002 provider="ldap://192.168.1.104" searchbase="cn=confi
g" type=refreshAndPersist bindmethod=simple binddn="uid=syncrepl,dc=tracteu
r91,dc=local" credentials="Tr@cteur91" retry="30 +" network-timeout=5 timeo
ut=30
dn: olcOverlay={0}syncprov,olcDatabase={0}config,cn=config
objectClass: olcOverlayConfig
objectClass: olcSyncProvConfig
olcOverlay: {0}syncprov
olcSpCheckpoint: 100 5
dn: olcDatabase={1}hdb,cn=config
objectClass: olcDatabaseConfig
objectClass: olcHdbConfig
olcDatabase: {1}hdb
olcDbDirectory: /var/lib/ldap
olcAccess: {0}to * by dn.exact="uid=syncrepl,dc=tracteur91,dc=local" read by
* break
olcAccess: {1}to attrs=userPassword,shadowLastChange by self write by anonym
ous auth by dn="cn=admin,dc=tracteur91,dc=local" write by * none
olcAccess: {2}to dn.base="" by * read
olcAccess: {3}to * by self write by dn="cn=admin,dc=tracteur91,dc=local" wri
te by * read
olcDbCheckpoint: 512 30
olcDbConfig: {0}set_cachesize 0 2097152 0
olcDbConfig: {1}set_lk_max_objects 1500
olcDbConfig: {2}set_lk_max_locks 1500
olcDbConfig: {3}set_lk_max_lockers 1500
olcDbIndex: objectClass eq
olcDbIndex: uid eq
olcDbIndex: cn eq
olcDbIndex: ou eq
olcDbIndex: dc eq
olcDbIndex: entryCSN eq
olcDbIndex: entryUUID eq
olcLastMod: TRUE
olcLimits: {0}dn.exact="uid=syncrepl,dc=tracteur91,dc=local" size=unlimited
olcMirrorMode: TRUE
olcRootDN: cn=admin,dc=tracteur91,dc=local
olcRootPW: {SSHA}ZtvvlHUQYloI17cv2/cjPFmx51+Ut/+5
olcSuffix: dc=tracteur91,dc=local
olcSyncrepl: {0}rid=003 provider="ldap://192.168.1.103" searchbase="dc=tract
eur91,dc=local" type=refreshAndPersist bindmethod=simple binddn="uid=syncre
pl,dc=tracteur91,dc=local" credentials="Tr@cteur91" retry="30 +" network-ti
meout=5 timeout=30
olcSyncrepl: {1}rid=004 provider="ldap://192.168.1.104" searchbase="dc=tract
eur91,dc=local" type=refreshAndPersist bindmethod=simple binddn="uid=syncre
pl,dc=tracteur91,dc=local" credentials="Tr@cteur91" retry="30 +" network-ti
meout=5 timeout=30
dn: olcOverlay={0}syncprov,olcDatabase={1}hdb,cn=config
objectClass: olcOverlayConfig
objectClass: olcSyncProvConfig
olcOverlay: {0}syncprov
olcSpCheckpoint: 100 5
11 years, 9 months