On Tue, 12 Jan 2016, CFMS Support wrote:
Hi Alexander,

These are the entries from /var/log/dirsrv/slapd-<INSTANC>/access

[12/Jan/2016:10:22:13 +0000] conn=30642 fd=128 slot=128 connection from
172.19.6.16 to 172.20.3.6
[12/Jan/2016:10:22:13 +0000] conn=30642 op=0 EXT
oid="1.3.6.1.4.1.1466.20037" name="startTLS"
[12/Jan/2016:10:22:13 +0000] conn=30642 op=0 RESULT err=0 tag=120
nentries=0 etime=0
[12/Jan/2016:10:22:13 +0000] conn=30642 TLS1.2 128-bit AES-GCM
[12/Jan/2016:10:22:13 +0000] conn=30642 op=1 BIND
dn="uid=ldap,cn=sysaccounts,cn=etc,dc=identity,dc=cfms,dc=org,dc=uk"
method=128 version=3
[12/Jan/2016:10:22:13 +0000] conn=30642 op=1 RESULT err=0 tag=97 nentries=0
etime=0 dn="uid=ldap,cn=sysaccounts,cn=etc,dc=identity,dc=cfms,dc=org,dc=uk"
[12/Jan/2016:10:22:13 +0000] conn=30642 op=2 SRCH
base="cn=groups,cn=accounts,dc=identity,dc=cfms,dc=org,dc=uk" scope=2
filter="(cn=*)" attrs="memberOf"
[12/Jan/2016:10:22:13 +0000] conn=30642 op=2 RESULT err=0 tag=101
nentries=145 etime=0
[12/Jan/2016:10:22:13 +0000] conn=30642 op=3 UNBIND
[12/Jan/2016:10:22:13 +0000] conn=30642 op=3 fd=128 closed - U1

This is where it's searching for a group that exists but it doesn't return
any result.
That's not what I see. I see a search for all groups (filter "(cn=*)")
and retrieiving memberOf attribute of those. The result is 145 entries
which have memberOf attribute set, all returned to the client. What
client then does with this list is unknown.

--
/ Alexander Bokovoy

--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project

Reply via email to