- 论坛徽章:
- 0
|
server penldap openldap-2.4.37 ,未使用加密
client 可以使用ldapsearch 查询信息,可以用root su 到用户。但用户不能登录,用户不能修改密码。
server 端日志:
52fca36f >>> slap_listener(ldap:///)
52fca36f connection_get(17): got connid=1001
52fca36f connection_read(17): checking for input on id=1001
ber_get_next
ber_get_next: tag 0x30 len 29 contents:
52fca36f op tag 0x77, time 1392288623
ber_get_next
52fca36f conn=1001 op=0 do_extended
ber_scanf fmt ({m) ber:
52fca36f conn=1001 op=0 do_extended: unsupported operation "1.3.6.1.4.1.1466.20037"
52fca36f send_ldap_result: conn=1001 op=0 p=3
52fca36f send_ldap_response: msgid=1 tag=120 err=2
ber_flush2: 44 bytes to sd 17
52fca36f connection_get(17): got connid=1001
52fca36f connection_read(17): checking for input on id=1001
ber_get_next
52fca36f ber_get_next on fd 17 failed errno=34 (Numerical result out of range)
52fca36f connection_close: conn=1001 sd=17
可以看到52fca36f conn=1001 op=0 do_extended: unsupported operation "1.3.6.1.4.1.1466.20037"
server sldapd.conf关于权限配置
access to attrs=shadowLastChange,userPassword
by self write
by * auth
by anonymous auth
access to *
by * read
by self write
请问,可能是哪出现了问题呢?
|
|