[horde] Fwd: a problem with preferences in ldap

Eric Rostetter eric.rostetter at physics.utexas.edu
Wed Nov 6 20:04:04 PST 2002 

Quoting Chuck Hagenbuch <chuck at horde.org>:

> i am trying for days to install the new horde and imp
> i use: suse linux 8.1, horde 2.1 and imp 3.1 openldap 2.1.4, kronolith,
> turba ...
> 
> the autentication i make with pam_ldap and the new imp works fin, but
> my problem is to store the preferences in LDAP !!! (without ldap its ok)
> the same error i get with the passwd-module

What is your ldap prefs configuration?  You might post to the
sork at lists.horde.org mailing list also for help on passwd.

> i get allways an error in horde.log:
> 
> 13:23:24 HORDE [info] [imp] Bind to server mir:389 with DN
> uid=ablasbichler,dc=sb-brixen,dc=it failed: [2] Protocol error [on line 169
> of "/srv/www/htdocs/horde/lib/Prefs/ldap.php"]

Okay, well, maybe you can look at the ldap server's logs and see what is 
there?  Max out the ldap server's log verbosity and see if anything shows
up.

> Nov 05 13:23:24 HORDE [info] [imp] Unable to modify preferences: [8]
> Strong(er) authentication required [on line 424
> of "/srv/www/htdocs/horde/lib/Prefs/ldap.php"]

This is obviously coming from the ldap_mod_replace() call to update
the preferences, and obviously it wants stronger authentication.  

I've heard of this before when you use a master/slave ldap scheme.
For example, here's a cut-paste job from a google search on the
terms "ldap referral chase"

---
When a modification request is submitted to a slave server, the server returns a
referral pointing to the master server. If referral chasing is on (e.g. -C flag
on ldapmodify, setting LDAP_OPT_REFERRALS on) then the client library will
connect to the master server and re-try the operation.

If the operation requires authentication (as all modify operations tend to) then
there is a problem, as the client library binds to the master server as NULLDN.
It does not re-use the authentication data that it used when making the initial
connection to the slave server.
---


So the question is: do you have a master/slave server setup (whether one
machine or two)?  And is referral chasing enabled?

-- 
Eric Rostetter
The Department of Physics
The University of Texas at Austin

Why get even? Get odd!

More information about the horde mailing list