[horde] Fwd: a problem with preferences in ldap
Eric Rostetter
eric.rostetter at physics.utexas.edu
Wed Nov 6 20:04:04 PST 2002
Quoting Chuck Hagenbuch <chuck at horde.org>:
> i am trying for days to install the new horde and imp
> i use: suse linux 8.1, horde 2.1 and imp 3.1 openldap 2.1.4, kronolith,
> turba ...
>
> the autentication i make with pam_ldap and the new imp works fin, but
> my problem is to store the preferences in LDAP !!! (without ldap its ok)
> the same error i get with the passwd-module
What is your ldap prefs configuration? You might post to the
sork at lists.horde.org mailing list also for help on passwd.
> i get allways an error in horde.log:
>
> 13:23:24 HORDE [info] [imp] Bind to server mir:389 with DN
> uid=ablasbichler,dc=sb-brixen,dc=it failed: [2] Protocol error [on line 169
> of "/srv/www/htdocs/horde/lib/Prefs/ldap.php"]
Okay, well, maybe you can look at the ldap server's logs and see what is
there? Max out the ldap server's log verbosity and see if anything shows
up.
> Nov 05 13:23:24 HORDE [info] [imp] Unable to modify preferences: [8]
> Strong(er) authentication required [on line 424
> of "/srv/www/htdocs/horde/lib/Prefs/ldap.php"]
This is obviously coming from the ldap_mod_replace() call to update
the preferences, and obviously it wants stronger authentication.
I've heard of this before when you use a master/slave ldap scheme.
For example, here's a cut-paste job from a google search on the
terms "ldap referral chase"
---
When a modification request is submitted to a slave server, the server returns a
referral pointing to the master server. If referral chasing is on (e.g. -C flag
on ldapmodify, setting LDAP_OPT_REFERRALS on) then the client library will
connect to the master server and re-try the operation.
If the operation requires authentication (as all modify operations tend to) then
there is a problem, as the client library binds to the master server as NULLDN.
It does not re-use the authentication data that it used when making the initial
connection to the slave server.
---
So the question is: do you have a master/slave server setup (whether one
machine or two)? And is referral chasing enabled?
--
Eric Rostetter
The Department of Physics
The University of Texas at Austin
Why get even? Get odd!
More information about the horde
mailing list