[Auth_ldap] Intermittent auth trouble

Ace Suares ace at suares.nl
Mon Nov 10 13:41:38 PST 2003 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


Hi Brent,

> This sounds exactly like the problem for which I wrote a patch nearly 2
> years ago (there hasn't been a new "released" version of auth_ldap 1.6.0
> since then).  Are your users not visible via an anonymous search, and
> hence you are using AuthLDAPBindDN and AuthLDAPBindPassword?  If so, see
> the list archives, this may have what you need:
>
> http://www.rudedog.org/pipermail/auth_ldap/2001-December/043545.html


I checked those, thanks for the hint.
However, I am not sure if I should use the patch - I use anonymous bind as far 
as I know. But then, your description of the problem looks very much like my 
problem!

Maybe I shoud use your patch and then use autldapbinddn ? 
Are you aware of any other directives that can influence this behaviour, even 
using anonymous bind ?

_Ace


>
> Hope this helps,
> Brent
>
> Ace Suares wrote:
> >-----BEGIN PGP SIGNED MESSAGE-----
> >Hash: SHA1
> >
> >Hi All,
> >
> >Here's my problem: When I open let's say 5 browser sessions and I am going
> > to a protected page in all five (different one in all 5) and then refresh
> > them, SOME of them are not logging in correctly.
> >
> >I use Apache/1.3.27 (Linux/SuSE) and the aut_ldap module (how to find the
> >version?) and openldap 2.1.22
> >
> >In error.log I get:
> >
> >[Sun Nov  9 20:02:24 2003] [error] [client 127.0.0.1] Search must return
> >exactly 1 entry; found 0 entries for search
> > (&(objectclass=qtop)(uid=qwido)): URI /qwido/00_admin/
> >
> >Funny thing is, this is intermittent error. Sometimes yes, sometimes no.
> >I tried with Opera, Mozilla, Konquerer. I also tried with apache2 (in
> > fact, I upgraded from apache to apache2, experienced these problems, then
> > downgraded to apache 1, found out (finally) that in slapd.conf I need
> > 'allow bind_v2' to make auth_ldap work (!) but still have the same
> > problems.
> >
> >So, is this a
> >- - - browser problem ? (Don't think so, tried more browsers, and in error
> > log it's looking for the right thing)
> >- - - apache problem ? (Don't know, bot apache and apache2 have this
> > problem) - - - auth_ldap problem ? (Don't know, there is different
> > versions of auth_ldap for apache and for apache2).
> >
> >I disabled cachesize and op-cachesize and problem stayed.
> >
> >Any idea ???
> >
> >Thx
> >ace
> >
> >Update: it also happens when having just one browser open.
> >Doing ldapsearch from the command line doesn't give any problems...
> >
> >
> >
> >website: http://www.suares.nl * http://www.qwikzite.nl
> >-----BEGIN PGP SIGNATURE-----
> >Version: GnuPG v1.2.2-rc1-SuSE (GNU/Linux)
> >
> >iD8DBQE/r/LPy7boE8xtIjURArc3AJ9RiprH4IFU4clc7agesdGxFi9p1QCgkBVn
> >XN655KwY1BTS0L+8SUnLNUU=
> >=30yS
> >-----END PGP SIGNATURE-----
> >_______________________________________________
> >Auth_ldap mailing list
> >Auth_ldap at rudedog.org
> >http://www.rudedog.org/mailman/listinfo/auth_ldap

- -- 
Ace Suares' Internet Consultancy
NIEUW ADRES: Postbus 2599, 4800 CN Breda
telefoon: 06-244 33 608
fax en voicemail: 0848-707 705
website: http://www.suares.nl * http://www.qwikzite.nl
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2-rc1-SuSE (GNU/Linux)

iD8DBQE/sAYSy7boE8xtIjURAv9lAJ4ljIi2OExwnRhH+lY5D4R+rwSjbACfdiqi
TW1oWc3k5AGs+Bwm0x/aXgg=
=jL+t
-----END PGP SIGNATURE-----

More information about the Auth_ldap mailing list