Hi folks, I am currently experiencing an issue with IPA Server set up on Fedora 36, using ipa-adtrust-install, and I'm unsure if this is due to a bug or misconfiguration on my part.
Here's what I've done:
I ran the following ldapsearch command:
ldapsearch -LL -H cldap://server.example.com -b '' -s base 'dc=example,dc=com' "(&(DnsDomain='dc=example,dc=com')(NtVer=\x06\x00\x00\x00)(AAC=\x00\x00\x00\x00))"
On OpenLDAP 2.4.46, it was working fine, and it gave an output. But OpenLDAP 2.6.2 and 2.6.4 fails with No such object (32) error.
I used gdb to investigate and found that the error occurred here: https://git.openldap.org/openldap/openldap/-/blob/master/clients/tools/commo...
It executes ldap_sasl_interactive_bind, but it exits right in the beginning: https://git.openldap.org/openldap/openldap/-/blob/master/libraries/libldap/s...
So back at: https://git.openldap.org/openldap/openldap/-/blob/master/clients/tools/commo... It exists the do-while loop right away and leaves with no result.
I'm wondering if I missed something or if there was an oversight in the implementation of this RFC, specifically regarding the CLDAP case: https://git.openldap.org/openldap/openldap/-/commit/2ae62e86bc8ffab713fc4897...
Looking forward to your thoughts!
Best Regards, Simon