Summary: | proftpd wont connect to ldap server | ||
---|---|---|---|
Product: | Gentoo Linux | Reporter: | Daniel 'Fremen' Llewellyn <daniel> |
Component: | [OLD] Server | Assignee: | Luca Longinotti (RETIRED) <chtekk> |
Status: | RESOLVED TEST-REQUEST | ||
Severity: | normal | CC: | humpback, stian |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | x86 | ||
OS: | Linux | ||
Whiteboard: | |||
Package list: | Runtime testing required: | --- | |
Attachments: |
Patch against proftpd-1.2.10-r7.ebuild add use flag ldapv3bind
Patch against proftpd-1.2.10-r7 to add v3 ldap binds without TLS Patch against proftpd-1.2.10-r7 to add v3 ldap binds with standard TLS dependancy |
Description
Daniel 'Fremen' Llewellyn
2005-03-26 14:06:54 UTC
I am also experiencing this. When attempting to login I also receive this error message in the slapd log: RESULT tag=97 err=2 text=requested protocol version not allowed Versions of the proftpd mod_ldap module prior to 2.8.13 (current version in proftp-1.2.10-r1 appears to be 2.8.12) use LDAPv2. This seems to be what is causing the problem. I don't have access to my gentoo machine right now, but I remember from some ldap configure tutors, that they often add something like this into slapd config: allow bind v2 I am no longer trying to use this method of connecting, so I cannot confirm whether this fixes the problem or not. I had no end of troublews with LDAP, so I quit using it completely The ldap module for proftpd does indeed attempt a v2 bind by default. There is a definition that can be uncommented in the source to allow v3 binds with SASL. I am running slapd on the same server as proftpd, so I don't require SASL, and since the standard enabling of v3 binds fails if it can't initiate an SASL connection, I've just enabled v3 binds without SASL. See the attached patches to the net-ftp/proftpd-1.2.10-r7 ebuild, to enable v3+sasl, just rename proftpd-ldapv3bind-sasl.patch to proftpd-ldapv3bind.patch and use that instead of the standard one. Hope this helps some people, and the maintainer (gustavoz?) might want to have a look at the patches (they're quite simple) and decide which/whether to include. Created attachment 71845 [details, diff]
Patch against proftpd-1.2.10-r7.ebuild add use flag ldapv3bind
Created attachment 71846 [details, diff]
Patch against proftpd-1.2.10-r7 to add v3 ldap binds without TLS
Created attachment 71847 [details, diff]
Patch against proftpd-1.2.10-r7 to add v3 ldap binds with standard TLS dependancy
Umm, and just so you don't get confused, please s/SASL/TLS/g in all my previous posts :P Sorry bout that, slight brain malfunction... Can you please try with proftpd-1.3.0-r2, if it still breaks without the patches? I don't have any OpenLDAP install where I could really test this... Thanks! Best regards, CHTEKK. |