Hi, I'm trying to use the ldap ptloader with the following : ldap_base: dc=naturvern,dc=no ldap_member_base: dc=naturvern,dc=no ldap_group_base: ou=groups,dc=naturvern,dc=no #ldap_member_method: attribute #ldap_member_filter: (memberUid: %u) #ldap_member_scope: sub #ldap_mech: plain login # I've alos tried ldap_sasl: 0 ldap_sasl: no ldap_restart: 1 #ldap_start_tls:0 ldap_timeout: 4 ldap_tls_cacert_dir: /etc/ssl/certs ldap_tls_check_peer: no ldap_uri: ldap://mail.naturvern.no/ ldap://felles.naturvern.no/
Here's what the logs say when ptloader connects to the ldapserver: l 10 21:44:59 mail slapd[9431]: daemon: read activity on 20 Jul 10 21:44:59 mail slapd[9431]: connection_get(20) Jul 10 21:44:59 mail slapd[9431]: connection_get(20): got connid=15 Jul 10 21:44:59 mail slapd[9431]: connection_read(20): checking for input on id=15 Jul 10 21:44:59 mail slapd[9431]: ber_get_next on fd 20 failed errno=11 (Resource temporarily unavailable) Jul 10 21:44:59 mail slapd[9431]: do_extended Jul 10 21:44:59 mail slapd[9431]: => get_ctrls Jul 10 21:44:59 mail slapd[9431]: => get_ctrls: oid="2.16.840.1.113730.3.4.18" (critical) Jul 10 21:44:59 mail slapd[9431]: parseProxyAuthz: conn 15 authzid="u:tarjeih" Jul 10 21:44:59 mail slapd[9431]: slap_sasl_getdn: id=u:tarjeih [len=9] Jul 10 21:44:59 mail slapd[9431]: slap_sasl_getdn: u:id converted to uid=tarjeih,cn=SIMPLE,cn=auth Jul 10 21:44:59 mail slapd[9431]: >>> dnNormalize: <uid=tarjeih,cn=SIMPLE,cn=auth> Jul 10 21:44:59 mail slapd[9431]: <<< dnNormalize: <uid=tarjeih,cn=simple,cn=auth> Jul 10 21:44:59 mail slapd[9431]: ==>slap_sasl2dn: converting SASL name uid=tarjeih,cn=simple,cn=auth to a DN Jul 10 21:44:59 mail slapd[9431]: slap_sasl_regexp: converting SASL name uid=tarjeih,cn=simple,cn=auth Jul 10 21:44:59 mail slapd[9431]: <==slap_sasl2dn: Converted SASL name to <nothing> Jul 10 21:44:59 mail slapd[9431]: parseProxyAuthz: conn=15 "uid=tarjeih,cn=simple,cn=auth" Jul 10 21:44:59 mail slapd[9431]: ==>slap_sasl_authorized: can (null) become uid=tarjeih,cn=simple,cn=auth? Jul 10 21:44:59 mail slapd[9431]: <== slap_sasl_authorized: return 48 Jul 10 21:44:59 mail slapd[9431]: <= get_ctrls: n=1 rc=47 err="not authorized to assume identity" Jul 10 21:44:59 mail slapd[9431]: send_ldap_result: conn=15 op=10 p=3 Jul 10 21:44:59 mail slapd[9431]: send_ldap_result: err=47 matched="" text="not authorized to assume identity" Jul 10 21:44:59 mail slapd[9431]: send_ldap_response: msgid=11 tag=120 err=47 Jul 10 21:44:59 mail slapd[9431]: do_extended: get_ctrls failed Now, as far as I understand, this shouldn't happen as ptloader has better things to do. I just want it to use a simple anonymous bind. What should I do to get that? kind regards, Tarjei -- Tarjei Huse <[EMAIL PROTECTED]> --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html