Public bug reported: sssd fails to obtain ldap results and marks the ldap server as "offline" when used with libldap-2.4-2 2.4.28-1.1ubuntu2, as ldap_result always returns -1. Reverting to libldap-2.4-2 2.4.25-1.1ubuntu4 fixes the problem.
This seems to be an upstream bug, also seen in Fedora: https://bugzilla.redhat.com/show_bug.cgi?id=771484 >From the sssd log (w/ logging using gettimeofday():) (Thu Feb 9 14:59:28:249698 2012) [sssd[be[EXAMPLE.COM]]] [sdap_get_generic_step] (6): calling ldap_search_ext with [(objectclass=*)][]. (Thu Feb 9 14:59:28:250239 2012) [sssd[be[EXAMPLE.COM]]] [sdap_get_generic_step] (8): ldap_search_ext called, msgid = 2 (Thu Feb 9 14:59:28:250282 2012) [sssd[be[EXAMPLE.COM]]] [sdap_process_result] (8): Trace: sh[0xf7cd40], connected[1], ops[0xf85c00], ldap[0xf739a0] (Thu Feb 9 14:59:28:250317 2012) [sssd[be[EXAMPLE.COM]]] [sdap_process_result] (4): ldap_result gave -1 tcpdump at the same time, 192.168.1.2 client, 192.168.1.1 server, STARTTLS in use: 14:59:28.068940 IP 192.168.1.2.53857 > 192.168.1.1.389: Flags [S], seq 592009926, win 14600, options [mss 1460,sackOK,TS val 5276654 ecr 0,nop,wscale 7], length 0 14:59:28.070612 IP 192.168.1.1.389 > 192.168.1.2.53857: Flags [S.], seq 3103016433, ack 592009927, win 14480, options [mss 1460,sackOK,TS val 109205234 ecr 5276654,nop,wscale 6], length 0 14:59:28.070686 IP 192.168.1.2.53857 > 192.168.1.1.389: Flags [.], ack 1, win 115, options [nop,nop,TS val 5276655 ecr 109205234], length 0 14:59:28.071294 IP 192.168.1.2.53857 > 192.168.1.1.389: Flags [P.], seq 1:32, ack 1, win 115, options [nop,nop,TS val 5276655 ecr 109205234], length 31 14:59:28.072793 IP 192.168.1.1.389 > 192.168.1.2.53857: Flags [.], ack 32, win 227, options [nop,nop,TS val 109205234 ecr 5276655], length 0 14:59:28.072841 IP 192.168.1.1.389 > 192.168.1.2.53857: Flags [P.], seq 1:15, ack 32, win 227, options [nop,nop,TS val 109205234 ecr 5276655], length 14 14:59:28.072862 IP 192.168.1.2.53857 > 192.168.1.1.389: Flags [.], ack 15, win 115, options [nop,nop,TS val 5276655 ecr 109205234], length 0 14:59:28.079040 IP 192.168.1.2.53857 > 192.168.1.1.389: Flags [P.], seq 32:149, ack 15, win 115, options [nop,nop,TS val 5276657 ecr 109205234], length 117 14:59:28.097160 IP 192.168.1.1.389 > 192.168.1.2.53857: Flags [P.], seq 15:101, ack 149, win 227, options [nop,nop,TS val 109205240 ecr 5276657], length 86 14:59:28.098343 IP 192.168.1.1.389 > 192.168.1.2.53857: Flags [.], seq 101:1549, ack 149, win 227, options [nop,nop,TS val 109205240 ecr 5276657], length 1448 14:59:28.098525 IP 192.168.1.2.53857 > 192.168.1.1.389: Flags [.], ack 1549, win 137, options [nop,nop,TS val 5276662 ecr 109205240], length 0 14:59:28.099813 IP 192.168.1.1.389 > 192.168.1.2.53857: Flags [.], seq 1549:2997, ack 149, win 227, options [nop,nop,TS val 109205240 ecr 5276657], length 1448 14:59:28.099839 IP 192.168.1.1.389 > 192.168.1.2.53857: Flags [P.], seq 2997:3458, ack 149, win 227, options [nop,nop,TS val 109205240 ecr 5276657], length 461 14:59:28.099843 IP 192.168.1.1.389 > 192.168.1.2.53857: Flags [P.], seq 3458:3467, ack 149, win 227, options [nop,nop,TS val 109205240 ecr 5276657], length 9 14:59:28.099995 IP 192.168.1.2.53857 > 192.168.1.1.389: Flags [.], ack 3458, win 182, options [nop,nop,TS val 5276662 ecr 109205240], length 0 14:59:28.104322 IP 192.168.1.2.53857 > 192.168.1.1.389: Flags [P.], seq 149:672, ack 3467, win 182, options [nop,nop,TS val 5276663 ecr 109205240], length 523 14:59:28.104361 IP 192.168.1.2.53857 > 192.168.1.1.389: Flags [P.], seq 672:678, ack 3467, win 182, options [nop,nop,TS val 5276663 ecr 109205240], length 6 14:59:28.106046 IP 192.168.1.2.53857 > 192.168.1.1.389: Flags [P.], seq 678:811, ack 3467, win 182, options [nop,nop,TS val 5276664 ecr 109205240], length 133 14:59:28.107332 IP 192.168.1.1.389 > 192.168.1.2.53857: Flags [.], ack 811, win 260, options [nop,nop,TS val 109205243 ecr 5276663], length 0 14:59:28.240882 IP 192.168.1.1.389 > 192.168.1.2.53857: Flags [P.], seq 3467:3473, ack 811, win 260, options [nop,nop,TS val 109205276 ecr 5276663], length 6 14:59:28.240926 IP 192.168.1.1.389 > 192.168.1.2.53857: Flags [P.], seq 3473:3654, ack 811, win 260, options [nop,nop,TS val 109205276 ecr 5276663], length 181 14:59:28.241193 IP 192.168.1.2.53857 > 192.168.1.1.389: Flags [.], ack 3654, win 205, options [nop,nop,TS val 5276698 ecr 109205276], length 0 14:59:28.249698 calling ldap_search_ext (objectclass=*) 14:59:28.250206 IP 192.168.1.2.53857 > 192.168.1.1.389: Flags [P.], seq 811:1200, ack 3654, win 205, options [nop,nop,TS val 5276700 ecr 109205276], length 389 14:59:28.250239 ldap_search_ext called, msgid = 2 14:59:28.250282 ldap_result called 14:59:28.250317 ldap_result returns -1 14:59:28.250535 IP 192.168.1.2.53857 > 192.168.1.1.389: Flags [P.], seq 1200:1381, ack 3654, win 205, options [nop,nop,TS val 5276700 ecr 109205276], length 181 14:59:28.250886 IP 192.168.1.2.53857 > 192.168.1.1.389: Flags [P.], seq 1381:1498, ack 3654, win 205, options [nop,nop,TS val 5276700 ecr 109205276], length 117 14:59:28.251052 IP 192.168.1.2.53857 > 192.168.1.1.389: Flags [P.], seq 1498:1727, ack 3654, win 205, options [nop,nop,TS val 5276700 ecr 109205276], length 229 14:59:28.251075 IP 192.168.1.2.53857 > 192.168.1.1.389: Flags [F.], seq 1727, ack 3654, win 205, options [nop,nop,TS val 5276700 ecr 109205276], length 0 14:59:28.251295 IP 192.168.1.1.389 > 192.168.1.2.53857: Flags [.], ack 1381, win 294, options [nop,nop,TS val 109205279 ecr 5276700], length 0 14:59:28.253382 IP 192.168.1.1.389 > 192.168.1.2.53857: Flags [P.], seq 3654:3723, ack 1498, win 294, options [nop,nop,TS val 109205279 ecr 5276700], length 69 14:59:28.253430 IP 192.168.1.2.53857 > 192.168.1.1.389: Flags [R], seq 592011424, win 0, length 0 14:59:28.253477 IP 192.168.1.1.389 > 192.168.1.2.53857: Flags [F.], seq 3723, ack 1498, win 294, options [nop,nop,TS val 109205279 ecr 5276700], length 0 14:59:28.253488 IP 192.168.1.2.53857 > 192.168.1.1.389: Flags [R], seq 592011424, win 0, length 0 14:59:28.253918 IP 192.168.1.1.389 > 192.168.1.2.53857: Flags [R], seq 3103020087, win 0, length 0 14:59:28.253938 IP 192.168.1.1.389 > 192.168.1.2.53857: Flags [R], seq 3103020087, win 0, length 0 ** Affects: openldap (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to openldap in Ubuntu. https://bugs.launchpad.net/bugs/929888 Title: ldap_result returns -1 when called from sssd To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/929888/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs