ALT Linux Community general discussions
From: "alex popov" <alplists@mail.ru>
To: community@lists.altlinux.org
Subject: [Comm] Problems with openldap + sasl
Date: Tue, 10 Jan 2006 14:56:21 +0300
Message-ID: <op.s25vf7ekxbybpd@the_me>

Basically, see the subject. The symptoms are as follows:
I have ALM 2.4 and openldap-* installed from the DVD. It runs in a chroot. When
I try to run
----
ldapadd -Dcn=admin,dc=alp,dc=loc -W -f /etc/openldap/ldif/base.ldif
----

the following error comes out:

----[ msg ]---------
[root@prima ldif]# ldapadd -Dcn=admin,dc=alp,dc=loc -W -f base.ldif
Enter LDAP Password:
ldap_sasl_interactive_bind_s: No such attribute (16)
--------------------

In the logs I have:

----[ log ]---------
Dec 28 15:55:30 prima slapd[3678]: conn=0 fd=11 ACCEPT from
IP=127.0.0.1:1042 (IP=127.0.0.1:389)
Dec 28 15:55:30 prima slapd[3680]: conn=0 op=0 SRCH base="" scope=0
filter="(objectClass=*)"
Dec 28 15:55:30 prima slapd[3680]: conn=0 op=0 SRCH
attr=supportedSASLMechanisms
Dec 28 15:55:30 prima slapd[3680]: conn=0 op=0 ENTRY dn=""
Dec 28 15:55:30 prima slapd[3680]: conn=0 op=0 RESULT tag=101 err=0 text=
Dec 28 15:55:30 prima slapd[3680]: conn=0 fd=11 closed
--------------------

The specified CN is set in the LDAP config. So is the password.

If I copy the SASL libraries (usr/lib/libsasl2 + /usr/lib/sasl2/*) into the
chroot directory (/var/lib/ldap/...), the output changes a little, but the
result is the same:
----[ msg ]---------
[proot@prima ldif]# ldapadd -Dcn=adin,dc=alp,dc=loc -W -f base.ldif
Enter LDAP Password:
SASL/SRP authentication started
ldap_sasl_interactive_bind_s: Internal (implementation specific) error (80)
          additional info: SASL(-13): user not found: no secret in database
--------------------

----[ log ]---------
Dec 28 15:49:10 prima slapd[2987]: conn=10 fd=11 ACCEPT from
IP=127.0.0.1:1040 (IP=127.0.0.1:389)
Dec 28 15:49:10 prima slapd[3002]: conn=10 op=0 SRCH base="" scope=0
filter="(objectClass=*)"
Dec 28 15:49:10 prima slapd[3002]: conn=10 op=0 SRCH
attr=supportedSASLMechanisms
Dec 28 15:49:10 prima slapd[3002]: access_allowed: no res from state
(supportedSASLMechanisms)
Dec 28 15:49:10 prima slapd[3002]: conn=10 op=0 ENTRY dn=""
Dec 28 15:49:10 prima slapd[3002]: conn=10 op=0 RESULT tag=101 err=0 text=
Dec 28 15:49:10 prima ldapadd: SRP client step 1
Dec 28 15:49:10 prima ldapadd: SRP client step 1
Dec 28 15:49:10 prima slapd[3002]: conn=10 op=1 BIND
dn="cn=adin,dc=alp,dc=loc" method=163
Dec 28 15:49:10 prima slapd[3002]: SRP server step 1
Dec 28 15:49:10 prima slapd[3002]: >>> dnNormalize:
<uid=root,cn=SRP,cn=auth>
Dec 28 15:49:10 prima slapd[3002]: <<< dnNormalize:
<uid=root,cn=srp,cn=auth>
Dec 28 15:49:10 prima slapd[3002]: conn=10 op=1 RESULT tag=97 err=80
text=SASL(-13): user not found: no secret in database
Dec 28 15:49:10 prima slapd[2987]: conn=10 fd=11 closed
--------------------

If I install cyrus-sasl2, add a password for admin or
cn=admin,dc=alp,dc=loc to the SASL database, and move the database into the
chroot directory, exactly the same thing happens :(

Please help me solve this problem. Google and Yandex turned up nothing on
anything like it.
-- 
Sent with M2, Opera's revolutionary e-mail client:
http://www.opera.com/mail/
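
Added example, not part of the original message: the slapd log above records the bind as method=163, the LDAP SASL bind tag (128 is a simple bind), and shows the identity the server actually looked up. This sketch rejoins the wrapped syslog lines and reports, per BIND, the method, that SASL identity and the result. The function names are hypothetical and the sample lines are constructed in the shape of the log above; the conn=11 simple bind is invented for contrast.

```python
import re

# Constructed sample in the shape of the slapd log above, including the mail
# client's hard wraps; the conn=11 simple bind is invented for contrast.
SAMPLE = """\
Dec 28 15:49:10 prima slapd[3002]: conn=10 op=1 BIND
dn="cn=adin,dc=alp,dc=loc" method=163
Dec 28 15:49:10 prima slapd[3002]: >>> dnNormalize:
<uid=root,cn=SRP,cn=auth>
Dec 28 15:49:10 prima slapd[3002]: conn=10 op=1 RESULT tag=97 err=80
text=SASL(-13): user not found: no secret in database
Dec 28 15:50:02 prima slapd[3002]: conn=11 op=0 BIND
dn="cn=admin,dc=alp,dc=loc" method=128
Dec 28 15:50:02 prima slapd[3002]: conn=11 op=0 RESULT tag=97 err=0 text=
"""

STAMP = re.compile(r"^[A-Z][a-z]{2} [ \d]\d \d\d:\d\d:\d\d ")
BIND = re.compile(r'conn=(\d+) op=(\d+) BIND dn="([^"]*)" method=(\d+)')
AUTHID = re.compile(r">>> dnNormalize: <([^>]*cn=auth)>", re.I)
RESULT = re.compile(r"conn=(\d+) op=(\d+) RESULT tag=97 err=(\d+) text=(.*)")
METHODS = {128: "simple", 163: "SASL"}  # LDAP_AUTH_SIMPLE 0x80, LDAP_AUTH_SASL 0xa3

def unwrap(text):
    """Rejoin continuation lines (no syslog timestamp) onto the previous record."""
    records = []
    for line in text.splitlines():
        if STAMP.match(line) or not records:
            records.append(line.rstrip())
        else:
            records[-1] += " " + line.strip()
    return records

def bind_attempts(text):
    """One dict per BIND; the SASL identity goes to the latest BIND (heuristic)."""
    binds, last = {}, None
    for rec in unwrap(text):
        if m := BIND.search(rec):
            last = (m[1], m[2])
            binds[last] = {"conn": int(m[1]), "dn": m[3], "authid": None, "err": None,
                           "text": "", "method": METHODS.get(int(m[4]), m[4])}
        elif (m := AUTHID.search(rec)) and last in binds:
            binds[last]["authid"] = m[1]
        elif (m := RESULT.search(rec)) and (m[1], m[2]) in binds:
            binds[(m[1], m[2])].update(err=int(m[3]), text=m[4].strip())
    return list(binds.values())

if __name__ == "__main__":
    for b in bind_attempts(SAMPLE):
        print(b)
```

For the conn=10 lines, the report shows a SASL bind whose looked-up identity is uid=root,cn=SRP,cn=auth rather than the DN logged on the BIND line.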

