[Fedora-directory-users] nss_ldap cannot authenticate vs FDS
Peter Santiago
peters at psinergybbs.com
Wed Oct 3 15:44:20 UTC 2007
Hi,
I was able to finally configure FDS to sync with ADS with Winsync.
Thanks a lot to the members here.
Now I ran into another peculiar problem. NSS_LDAP seems not to be
able to authenticate or do a successful query against FDS.
I used ldapsearch to double check, I was able to do a successful query
against FDS.
Attached are two files from doing id and ldapsearch. I have
enabled debugging.
Could someone help explain why ldapsearch can successfully query
FDS whereas NSS_LDAP cannot? Maybe there is a need to patch NSS_LDAP?
I'm using nss_ldap 253 from fedora 6 package.
--
Peter Santiago peters at psinergybbs.com
My website: www.psinergybbs.com
My spamtrap address: r34987y at psinergybbs.com
----------------------------------------------------------------
This message was sent using IMP, the Internet Messaging Program.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/fedora-directory-users/attachments/20071003/1cf30546/attachment.htm>
-------------- next part --------------
ldap_create
ldap_url_parse_ext(ldap://192.168.0.2/)
ldap_create
ldap_url_parse_ext(ldap://192.168.0.2/)
ldap_simple_bind
ldap_sasl_bind
ldap_send_initial_request
ldap_new_connection 1 1 0
ldap_int_open_connection
ldap_connect_to_host: TCP 192.168.0.2:389
ldap_new_socket: 3
ldap_prepare_socket: 3
ldap_connect_to_host: Trying 192.168.0.2:389
ldap_connect_timeout: fd: 3 tm: 120 async: 0
ldap_ndelay_on: 3
ldap_is_sock_ready: 3
ldap_ndelay_off: 3
ldap_open_defconn: successful
ldap_send_server_request
ber_scanf fmt ({it) ber:
ber_scanf fmt ({i) ber:
ber_flush: 14 bytes to sd 3
0000: 30 0c 02 01 01 60 07 02 01 03 04 00 80 00 0....`........
ldap_write: want=14, written=14
0000: 30 0c 02 01 01 60 07 02 01 03 04 00 80 00 0....`........
ldap_result ld 0x9fef048 msgid 1
ldap_chkResponseList ld 0x9fef048 msgid 1 all 0
ldap_chkResponseList returns ld 0x9fef048 NULL
wait4msg ld 0x9fef048 msgid 1 (timeout 120000000 usec)
wait4msg continue ld 0x9fef048 msgid 1 all 0
** ld 0x9fef048 Connections:
* host: 192.168.0.2 port: 389 (default)
refcnt: 2 status: Connected
last used: Wed Oct 3 23:29:10 2007
** ld 0x9fef048 Outstanding Requests:
* msgid 1, origid 1, status InProgress
outstanding referrals 0, parent count 0
** ld 0x9fef048 Response Queue:
Empty
ldap_chkResponseList ld 0x9fef048 msgid 1 all 0
ldap_chkResponseList returns ld 0x9fef048 NULL
ldap_int_select
read1msg: ld 0x9fef048 msgid 1 all 0
ber_get_next
ldap_read: want=8, got=8
0000: 30 0c 02 01 01 61 07 0a 0....a..
ldap_read: want=6, got=6
0000: 01 00 04 00 04 00 ......
ber_get_next: tag 0x30 len 12 contents:
read1msg: ld 0x9fef048 msgid 1 message type bind
ber_scanf fmt ({eaa) ber:
ber_scanf fmt ({eaa}) ber:
new result: res_errno: 0, res_error: <>, res_matched: <>
read1msg: ld 0x9fef048 0 new referrals
read1msg: mark request completed, ld 0x9fef048 msgid 1
request done: ld 0x9fef048 msgid 1
res_errno: 0, res_error: <>, res_matched: <>
ldap_free_request (origid 1, msgid 1)
ldap_free_connection 0 1
ldap_free_connection: refcnt 1
ldap_parse_result
ber_scanf fmt ({iaa) ber:
ber_scanf fmt (}) ber:
ldap_msgfree
ldap_search
put_filter: "(&(objectClass=inetOrgPerson)(uid=ftest))"
put_filter: AND
put_filter_list "(objectClass=inetOrgPerson)(uid=ftest)"
put_filter: "(objectClass=inetOrgPerson)"
put_filter: simple
put_simple_filter: "objectClass=inetOrgPerson"
put_filter: "(uid=ftest)"
put_filter: simple
put_simple_filter: "uid=ftest"
ldap_send_initial_request
ldap_send_server_request
ber_scanf fmt ({it) ber:
ber_scanf fmt ({) ber:
ber_flush: 193 bytes to sd 3
0000: 30 81 be 02 01 02 63 81 b8 04 0e 64 63 3d 65 61 0.....c....dc=ea
0010: 74 73 63 2c 64 63 3d 74 73 0a 01 02 0a 01 00 02 tsc,dc=ts.......
0020: 01 01 02 01 78 01 01 00 a0 2c a3 1c 04 0b 6f 62 ....x....,....ob
0030: 6a 65 63 74 43 6c 61 73 73 04 0d 69 6e 65 74 4f jectClass..inetO
0040: 72 67 50 65 72 73 6f 6e a3 0c 04 03 75 69 64 04 rgPerson....uid.
0050: 05 66 74 65 73 74 30 69 04 03 75 69 64 04 0c 75 .ftest0i..uid..u
0060: 73 65 72 50 61 73 73 77 6f 72 64 04 09 75 69 64 serPassword..uid
0070: 4e 75 6d 62 65 72 04 09 67 69 64 4e 75 6d 62 65 Number..gidNumbe
0080: 72 04 02 63 6e 04 0d 68 6f 6d 65 44 69 72 65 63 r..cn..homeDirec
0090: 74 6f 72 79 04 0a 6c 6f 67 69 6e 53 68 65 6c 6c tory..loginShell
00a0: 04 05 67 65 63 6f 73 04 0b 64 65 73 63 72 69 70 ..gecos..descrip
00b0: 74 69 6f 6e 04 0b 6f 62 6a 65 63 74 43 6c 61 73 tion..objectClas
00c0: 73 s
ldap_write: want=193, written=193
0000: 30 81 be 02 01 02 63 81 b8 04 0e 64 63 3d 65 61 0.....c....dc=ea
0010: 74 73 63 2c 64 63 3d 74 73 0a 01 02 0a 01 00 02 tsc,dc=ts.......
0020: 01 01 02 01 78 01 01 00 a0 2c a3 1c 04 0b 6f 62 ....x....,....ob
0030: 6a 65 63 74 43 6c 61 73 73 04 0d 69 6e 65 74 4f jectClass..inetO
0040: 72 67 50 65 72 73 6f 6e a3 0c 04 03 75 69 64 04 rgPerson....uid.
0050: 05 66 74 65 73 74 30 69 04 03 75 69 64 04 0c 75 .ftest0i..uid..u
0060: 73 65 72 50 61 73 73 77 6f 72 64 04 09 75 69 64 serPassword..uid
0070: 4e 75 6d 62 65 72 04 09 67 69 64 4e 75 6d 62 65 Number..gidNumbe
0080: 72 04 02 63 6e 04 0d 68 6f 6d 65 44 69 72 65 63 r..cn..homeDirec
0090: 74 6f 72 79 04 0a 6c 6f 67 69 6e 53 68 65 6c 6c tory..loginShell
00a0: 04 05 67 65 63 6f 73 04 0b 64 65 73 63 72 69 70 ..gecos..descrip
00b0: 74 69 6f 6e 04 0b 6f 62 6a 65 63 74 43 6c 61 73 tion..objectClas
00c0: 73 s
ldap_result ld 0x9fef048 msgid 2
ldap_chkResponseList ld 0x9fef048 msgid 2 all 1
ldap_chkResponseList returns ld 0x9fef048 NULL
wait4msg ld 0x9fef048 msgid 2 (timeout 120000000 usec)
wait4msg continue ld 0x9fef048 msgid 2 all 1
** ld 0x9fef048 Connections:
* host: 192.168.0.2 port: 389 (default)
refcnt: 2 status: Connected
last used: Wed Oct 3 23:29:10 2007
** ld 0x9fef048 Outstanding Requests:
* msgid 2, origid 2, status InProgress
outstanding referrals 0, parent count 0
** ld 0x9fef048 Response Queue:
Empty
ldap_chkResponseList ld 0x9fef048 msgid 2 all 1
ldap_chkResponseList returns ld 0x9fef048 NULL
ldap_int_select
read1msg: ld 0x9fef048 msgid 2 all 1
ber_get_next
ldap_read: want=8, got=8
0000: 30 81 92 02 01 02 64 81 0.....d.
ldap_read: want=141, got=141
0000: 8c 04 23 75 69 64 3d 66 74 65 73 74 2c 6f 75 3d ..#uid=ftest,ou=
0010: 50 65 6f 70 6c 65 2c 20 64 63 3d 65 61 74 73 63 People, dc=eatsc
0020: 2c 64 63 3d 74 73 30 65 30 0e 04 03 75 69 64 31 ,dc=ts0e0...uid1
0030: 07 04 05 66 74 65 73 74 30 10 04 02 63 6e 31 0a ...ftest0...cn1.
0040: 04 08 66 64 73 20 74 65 73 74 30 41 04 0b 6f 62 ..fds test0A..ob
0050: 6a 65 63 74 43 6c 61 73 73 31 32 04 03 74 6f 70 jectClass12..top
0060: 04 06 70 65 72 73 6f 6e 04 14 6f 72 67 61 6e 69 ..person..organi
0070: 7a 61 74 69 6f 6e 61 6c 50 65 72 73 6f 6e 04 0d zationalPerson..
0080: 69 6e 65 74 6f 72 67 70 65 72 73 6f 6e inetorgperson
ber_get_next: tag 0x30 len 146 contents:
read1msg: ld 0x9fef048 msgid 2 message type search-entry
wait4msg ld 0x9fef048 120 secs to go
wait4msg continue ld 0x9fef048 msgid 2 all 1
** ld 0x9fef048 Connections:
* host: 192.168.0.2 port: 389 (default)
refcnt: 2 status: Connected
last used: Wed Oct 3 23:29:10 2007
** ld 0x9fef048 Outstanding Requests:
* msgid 2, origid 2, status InProgress
outstanding referrals 0, parent count 0
** ld 0x9fef048 Response Queue:
* msgid 2, type 100
ldap_chkResponseList ld 0x9fef048 msgid 2 all 1
ldap_chkResponseList returns ld 0x9fef048 NULL
ldap_int_select
read1msg: ld 0x9fef048 msgid 2 all 1
ber_get_next
ldap_read: want=8, got=8
0000: 30 0c 02 01 02 65 07 0a 0....e..
ldap_read: want=6, got=6
0000: 01 00 04 00 04 00 ......
ber_get_next: tag 0x30 len 12 contents:
read1msg: ld 0x9fef048 msgid 2 message type search-result
ber_scanf fmt ({eaa) ber:
ber_scanf fmt ({eaa}) ber:
new result: res_errno: 0, res_error: <>, res_matched: <>
read1msg: ld 0x9fef048 0 new referrals
read1msg: mark request completed, ld 0x9fef048 msgid 2
request done: ld 0x9fef048 msgid 2
res_errno: 0, res_error: <>, res_matched: <>
ldap_free_request (origid 2, msgid 2)
ldap_free_connection 0 1
ldap_free_connection: refcnt 1
adding response ld 0x9fef048 msgid 2 type 101:
ldap_parse_result
ber_scanf fmt ({iaa) ber:
ber_scanf fmt (}) ber:
ldap_get_values
ber_scanf fmt ({x{{a) ber:
ber_scanf fmt (x}{a) ber:
ber_scanf fmt (x}{a) ber:
ber_scanf fmt ([v]) ber:
ldap_get_values
ber_scanf fmt ({x{{a) ber:
ber_scanf fmt (x}{a) ber:
ber_scanf fmt (x}{a) ber:
ber_scanf fmt (x}{a) ber:
ldap_get_values
ber_scanf fmt ({x{{a) ber:
ber_scanf fmt ([v]) ber:
ldap_get_values
ber_scanf fmt ({x{{a) ber:
ber_scanf fmt (x}{a) ber:
ber_scanf fmt (x}{a) ber:
ber_scanf fmt (x}{a) ber:
ldap_msgfree
id: ftest: No such user
-------------- next part --------------
ldap_create
ldap_url_parse_ext(ldap://192.168.0.2)
ldap_bind
ldap_simple_bind
ldap_sasl_bind
ldap_send_initial_request
ldap_new_connection 1 1 0
ldap_int_open_connection
ldap_connect_to_host: TCP 192.168.0.2:389
ldap_new_socket: 3
ldap_prepare_socket: 3
ldap_connect_to_host: Trying 192.168.0.2:389
ldap_connect_timeout: fd: 3 tm: -1 async: 0
ldap_open_defconn: successful
ldap_send_server_request
ber_scanf fmt ({it) ber:
ber_scanf fmt ({i) ber:
ber_flush: 14 bytes to sd 3
0000: 30 0c 02 01 01 60 07 02 01 03 04 00 80 00 0....`........
ldap_write: want=14, written=14
0000: 30 0c 02 01 01 60 07 02 01 03 04 00 80 00 0....`........
ldap_result ld 0x94e9048 msgid 1
ldap_chkResponseList ld 0x94e9048 msgid 1 all 1
ldap_chkResponseList returns ld 0x94e9048 NULL
wait4msg ld 0x94e9048 msgid 1 (infinite timeout)
wait4msg continue ld 0x94e9048 msgid 1 all 1
** ld 0x94e9048 Connections:
* host: 192.168.0.2 port: 389 (default)
refcnt: 2 status: Connected
last used: Wed Oct 3 23:28:47 2007
** ld 0x94e9048 Outstanding Requests:
* msgid 1, origid 1, status InProgress
outstanding referrals 0, parent count 0
** ld 0x94e9048 Response Queue:
Empty
ldap_chkResponseList ld 0x94e9048 msgid 1 all 1
ldap_chkResponseList returns ld 0x94e9048 NULL
ldap_int_select
read1msg: ld 0x94e9048 msgid 1 all 1
ber_get_next
ldap_read: want=8, got=8
0000: 30 0c 02 01 01 61 07 0a 0....a..
ldap_read: want=6, got=6
0000: 01 00 04 00 04 00 ......
ber_get_next: tag 0x30 len 12 contents:
read1msg: ld 0x94e9048 msgid 1 message type bind
ber_scanf fmt ({eaa) ber:
read1msg: ld 0x94e9048 0 new referrals
read1msg: mark request completed, ld 0x94e9048 msgid 1
request done: ld 0x94e9048 msgid 1
res_errno: 0, res_error: <>, res_matched: <>
ldap_free_request (origid 1, msgid 1)
ldap_free_connection 0 1
ldap_free_connection: refcnt 1
ldap_parse_result
ber_scanf fmt ({iaa) ber:
ber_scanf fmt (}) ber:
ldap_msgfree
ldap_search_ext
put_filter: "(&(objectclass=inetOrgPerson)(uid=ftest))"
put_filter: AND
put_filter_list "(objectclass=inetOrgPerson)(uid=ftest)"
put_filter: "(objectclass=inetOrgPerson)"
put_filter: simple
put_simple_filter: "objectclass=inetOrgPerson"
put_filter: "(uid=ftest)"
put_filter: simple
put_simple_filter: "uid=ftest"
ldap_send_initial_request
ldap_send_server_request
ber_scanf fmt ({it) ber:
ber_scanf fmt ({) ber:
ber_flush: 86 bytes to sd 3
0000: 30 54 02 01 02 63 4f 04 0e 64 63 3d 65 61 74 73 0T...cO..dc=eats
0010: 63 2c 64 63 3d 74 73 0a 01 02 0a 01 00 02 01 00 c,dc=ts.........
0020: 02 01 00 01 01 00 a0 2c a3 1c 04 0b 6f 62 6a 65 .......,....obje
0030: 63 74 63 6c 61 73 73 04 0d 69 6e 65 74 4f 72 67 ctclass..inetOrg
0040: 50 65 72 73 6f 6e a3 0c 04 03 75 69 64 04 05 66 Person....uid..f
0050: 74 65 73 74 30 00 test0.
ldap_write: want=86, written=86
0000: 30 54 02 01 02 63 4f 04 0e 64 63 3d 65 61 74 73 0T...cO..dc=eats
0010: 63 2c 64 63 3d 74 73 0a 01 02 0a 01 00 02 01 00 c,dc=ts.........
0020: 02 01 00 01 01 00 a0 2c a3 1c 04 0b 6f 62 6a 65 .......,....obje
0030: 63 74 63 6c 61 73 73 04 0d 69 6e 65 74 4f 72 67 ctclass..inetOrg
0040: 50 65 72 73 6f 6e a3 0c 04 03 75 69 64 04 05 66 Person....uid..f
0050: 74 65 73 74 30 00 test0.
ldap_result ld 0x94e9048 msgid -1
ldap_chkResponseList ld 0x94e9048 msgid -1 all 0
ldap_chkResponseList returns ld 0x94e9048 NULL
wait4msg ld 0x94e9048 msgid -1 (infinite timeout)
wait4msg continue ld 0x94e9048 msgid -1 all 0
** ld 0x94e9048 Connections:
* host: 192.168.0.2 port: 389 (default)
refcnt: 2 status: Connected
last used: Wed Oct 3 23:28:47 2007
** ld 0x94e9048 Outstanding Requests:
* msgid 2, origid 2, status InProgress
outstanding referrals 0, parent count 0
** ld 0x94e9048 Response Queue:
Empty
ldap_chkResponseList ld 0x94e9048 msgid -1 all 0
ldap_chkResponseList returns ld 0x94e9048 NULL
ldap_int_select
read1msg: ld 0x94e9048 msgid -1 all 0
ber_get_next
ldap_read: want=8, got=8
0000: 30 81 b5 02 01 02 64 81 0.....d.
ldap_read: want=176, got=176
0000: af 04 23 75 69 64 3d 66 74 65 73 74 2c 6f 75 3d ..#uid=ftest,ou=
0010: 50 65 6f 70 6c 65 2c 20 64 63 3d 65 61 74 73 63 People, dc=eatsc
0020: 2c 64 63 3d 74 73 30 81 87 30 0e 04 03 75 69 64 ,dc=ts0..0...uid
0030: 31 07 04 05 66 74 65 73 74 30 12 04 09 67 69 76 1...ftest0...giv
0040: 65 6e 4e 61 6d 65 31 05 04 03 66 64 73 30 41 04 enName1...fds0A.
0050: 0b 6f 62 6a 65 63 74 43 6c 61 73 73 31 32 04 03 .objectClass12..
0060: 74 6f 70 04 06 70 65 72 73 6f 6e 04 14 6f 72 67 top..person..org
0070: 61 6e 69 7a 61 74 69 6f 6e 61 6c 50 65 72 73 6f anizationalPerso
0080: 6e 04 0d 69 6e 65 74 6f 72 67 70 65 72 73 6f 6e n..inetorgperson
0090: 30 0c 04 02 73 6e 31 06 04 04 74 65 73 74 30 10 0...sn1...test0.
00a0: 04 02 63 6e 31 0a 04 08 66 64 73 20 74 65 73 74 ..cn1...fds test
ber_get_next: tag 0x30 len 181 contents:
read1msg: ld 0x94e9048 msgid 2 message type search-entry
ldap_get_dn_ber
ber_scanf fmt ({ml{) ber:
ldap_dn2ufn
ldap_dn_normalize
ber_scanf fmt ({xx) ber:
ldap_get_attribute_ber
ber_scanf fmt ({mM}) ber:
ldap_get_attribute_ber
ber_scanf fmt ({mM}) ber:
ldap_get_attribute_ber
ber_scanf fmt ({mM}) ber:
ldap_get_attribute_ber
ber_scanf fmt ({mM}) ber:
ldap_get_attribute_ber
ber_scanf fmt ({mM}) ber:
ldap_get_attribute_ber
ldap_msgfree
ldap_result ld 0x94e9048 msgid -1
ldap_chkResponseList ld 0x94e9048 msgid -1 all 0
ldap_chkResponseList returns ld 0x94e9048 NULL
wait4msg ld 0x94e9048 msgid -1 (infinite timeout)
wait4msg continue ld 0x94e9048 msgid -1 all 0
** ld 0x94e9048 Connections:
* host: 192.168.0.2 port: 389 (default)
refcnt: 2 status: Connected
last used: Wed Oct 3 23:28:47 2007
** ld 0x94e9048 Outstanding Requests:
* msgid 2, origid 2, status InProgress
outstanding referrals 0, parent count 0
** ld 0x94e9048 Response Queue:
Empty
ldap_chkResponseList ld 0x94e9048 msgid -1 all 0
ldap_chkResponseList returns ld 0x94e9048 NULL
ldap_int_select
read1msg: ld 0x94e9048 msgid -1 all 0
ber_get_next
ldap_read: want=8, got=8
0000: 30 0c 02 01 02 65 07 0a 0....e..
ldap_read: want=6, got=6
0000: 01 00 04 00 04 00 ......
ber_get_next: tag 0x30 len 12 contents:
read1msg: ld 0x94e9048 msgid 2 message type search-result
ber_scanf fmt ({eaa) ber:
read1msg: ld 0x94e9048 0 new referrals
read1msg: mark request completed, ld 0x94e9048 msgid 2
request done: ld 0x94e9048 msgid 2
res_errno: 0, res_error: <>, res_matched: <>
ldap_free_request (origid 2, msgid 2)
ldap_free_connection 0 1
ldap_free_connection: refcnt 1
ldap_parse_result
ber_scanf fmt ({iaa) ber:
ber_scanf fmt (}) ber:
ldap_err2string
ldap_msgfree
ldap_free_connection 1 1
ldap_send_unbind
ber_flush: 7 bytes to sd 3
0000: 30 05 02 01 03 42 00 0....B.
ldap_write: want=7, written=7
0000: 30 05 02 01 03 42 00 0....B.
ldap_free_connection: actually freed
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3051 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://listman.redhat.com/archives/fedora-directory-users/attachments/20071003/1cf30546/attachment.p7s>
More information about the Fedora-directory-users
mailing list