httpd-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 7495] New: - mod_auth_ldap confused by references in ldap database
Date Tue, 26 Mar 2002 18:54:43 GMT
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://nagoya.apache.org/bugzilla/show_bug.cgi?id=7495>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://nagoya.apache.org/bugzilla/show_bug.cgi?id=7495

mod_auth_ldap confused by references in ldap database

           Summary: mod_auth_ldap confused by references in ldap database
           Product: Apache httpd-1.3
           Version: 1.3.23
          Platform: PC
        OS/Version: Linux
            Status: NEW
          Severity: Normal
          Priority: Other
         Component: Other mods
        AssignedTo: bugs@httpd.apache.org
        ReportedBy: cwg-apache@deepeddy.com


I'm trying for the first time to use the auth_ldap module and find that it won't
work against my ldap database.

The reason it won't work is that I have references in the database so I can
validate users who are maintained in more than one location.

When I attempt to validate a user with auth_ldap, I get this in the log:

[Tue Mar 26 12:32:54 2002] [error] [client 10.1.2.1] Search must return exactly
1 entry; found 6 entries for search (&(objectclass=vircioUser)(uid=test)): URI /

If I do the same query by hand, I get this:

[root@deepeddy html]# ldapsearch -x '(&(objectclass=vircioUser)(uid=test))'
version: 2

#
# filter: (&(objectclass=vircioUser)(uid=test))
# requesting: ALL
#

# search reference
ref: ldap://10.1.2.1/ou=hosts,o=vircio,c=US

# search reference
ref: ldap://10.1.2.1/ou=group,o=vircio,c=US

# search reference
ref: ldap://10.1.2.1/ou=services,o=vircio,c=US

# search reference
ref: ldap://10.1.2.1/ou=people,o=vircio,c=US

# search reference
ref: ldap://10.1.2.1/ou=networks,o=vircio,c=US

# search reference
ref: ldap://10.1.2.1/ou=domains,o=vircio,c=US

# search reference
ref: ldap://10.1.2.1/ou=protocols,o=vircio,c=US

# search reference
ref: ldap://10.1.2.1/ou=rpc,o=vircio,c=US

# test, People, deepeddy, com
dn: uid=test,ou=People,dc=deepeddy,dc=com
loginShell: /bin/bash
uid: test
uidNumber: 511
gidNumber: 100
homeDirectory: /home/test
rid: 5e7
qmailGID: 100
qmailUID: 511
accountStatus: active
mailMessageStore: ./.Maildir/
mail: test@deepeddy.com
mailForwardingAddress: cwg-test@deepeddy.com
deliveryMode: normal
mailAlternateAddress: testuser@deepeddy.com
sn: Test
objectClass: account
objectClass: posixAccount
objectClass: shadowAccount
objectClass: sambaAccount
objectClass: qmailUser
objectClass: vircioUser
objectClass: inetOrgPerson
objectClass: organizationalPerson
objectClass: person
gecos: Joe Test
cn: Joe Test
givenName: Joe
ntPassword: <censored>
userPassword:: <censored>
lmPassword: <censored>

# search result
search: 2
result: 0 Success

# numResponses: 10
# numEntries: 1

or, if I follow referrals, this:

[root@deepeddy html]# ldapsearch -xC '(&(objectclass=vircioUser)(uid=test))'
version: 2

#
# filter: (&(objectclass=vircioUser)(uid=test))
# requesting: ALL
#

# test, People, deepeddy, com
dn: uid=test,ou=People,dc=deepeddy,dc=com
loginShell: /bin/bash
uid: test
uidNumber: 511
gidNumber: 100
homeDirectory: /home/test
rid: 5e7
qmailGID: 100
qmailUID: 511
accountStatus: active
mailMessageStore: ./.Maildir/
mail: test@deepeddy.com
mailForwardingAddress: cwg-test@deepeddy.com
deliveryMode: normal
mailAlternateAddress: testuser@deepeddy.com
sn: Test
objectClass: account
objectClass: posixAccount
objectClass: shadowAccount
objectClass: sambaAccount
objectClass: qmailUser
objectClass: vircioUser
objectClass: inetOrgPerson
objectClass: organizationalPerson
objectClass: person
gecos: Joe Test
cn: Joe Test
givenName: Joe
ntPassword: <censored>
userPassword:: <censored>
lmPassword: <censored>

# search result
search: 2
result: 0 Success

# numResponses: 2
# numEntries: 1

I'd be happy if there were a way to simply follow references when doing the
query.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org


Mime
View raw message