Re: ldap auth does not works after openldap upgrade
On Thu, Feb 17, 2011 at 9:09 AM, Andrew Findlay <
andrew.findlay(a)skills-1st.co.uk> wrote:
On Wed, Feb 16, 2011 at 03:29:45PM -0800, Howard Chu wrote:
> >Similarly I cannot find anything that
> >clearly describes the use of SASL EXTERNAL with ldapi.
>
> http://tools.ietf.org/html/draft-chu-ldap-ldapi-00
Excellent, thanks. That one is remarkably hard to find without a direct
pointer. Could you add it to the doc/drafts directory in the source
perhaps?
Andrew
Here is the search that Apache is doing. Note that "usuarios" in the search
means "users" in portuguese. It doesn't seems even to check if the user
really does part of the group defined in the apache config.
Feb 17 11:11:39 fileserver slapd[2054]: conn=1014 fd=21 ACCEPT from IP=
172.16.14.2:34691 (IP=0.0.0.0:389)
Feb 17 11:11:39 fileserver slapd[2054]: conn=1014 op=0 BIND
dn="cn=root,dc=dominio,dc=com,dc=br" method=128
Feb 17 11:11:39 fileserver slapd[2054]: conn=1014 op=0 BIND
dn="cn=root,dc=dominio,dc=com,dc=br" mech=SIMPLE ssf=0
Feb 17 11:11:39 fileserver slapd[2054]: conn=1014 op=0 RESULT tag=97 err=0
text=
Feb 17 11:11:39 fileserver slapd[2054]: conn=1014 op=1 SRCH
base="ou=Usuarios,dc=dominio,dc=com,dc=br" scope=2 deref=3
filter="(&(objectClass=*)(uid=lscarneiro))"
Feb 17 11:11:39 fileserver slapd[2054]: conn=1014 op=1 SRCH attr=uid
Feb 17 11:11:39 fileserver slapd[2054]: <= bdb_equality_candidates: (uid)
not indexed
Feb 17 11:11:39 fileserver slapd[2054]: conn=1014 op=1 ENTRY
dn="uid=lscarneiro,ou=usuarios,dc=dominio,dc=com,dc=br"
Feb 17 11:11:39 fileserver slapd[2054]: conn=1014 op=1 SEARCH RESULT tag=101
err=0 nentries=1 text=
Feb 17 11:11:39 fileserver slapd[2054]: conn=1014 op=2 BIND anonymous
mech=implicit ssf=0
Feb 17 11:11:39 fileserver slapd[2054]: conn=1014 op=2 BIND
dn="uid=lscarneiro,ou=Usuarios,dc=dominio,dc=com,dc=br" method=128
Feb 17 11:11:39 fileserver slapd[2054]: conn=1014 op=2 RESULT tag=97 err=49
text=
Feb 17 11:11:39 fileserver slapd[2054]: conn=1014 op=3 UNBIND
Feb 17 11:11:39 fileserver slapd[2054]: conn=1014 fd=21 closed
Attachments:
- attachment.htm (text/html — 2.9 KB)