Kartik Subbarao wrote: > I'd like to add one clarification to this message. I named the attached > test script that illustrates the two RESULT messages problem > test099-ppolicy-update, per Howard's previous advice not to duplicate > existing names. But I just realized that this script relies on the same > data files that I previously submitted (slapd-ppolicy.conf, > ppolicy.ldif) so when running this script please ensure that those files > are in place.
Right, no problem. I've run your updated script against HEAD and see no errors, nor is there a duplicate result sent for the Bind operation. There's a config error because back-ldap in HEAD now always requires the binddn to be set in the idassert-bind directive. I have a feeling that this new requirement is bogus, and I just patched your script to set binddn="" to get around it for the moment. > Thanks, > > -Kartik > > On 02/02/2011 11:50 AM, Kartik Subbarao wrote: >>>> Another problem is that bind operations to the consumer server start to >> >> return two result messages -- one with the error code of the chained >> >> operation, and one with the error code of the bind operation. >> >> I'm continuing to see this problem, even after I fix the acl-bind and >> the 'manage' ACL configuration. See the attached for an updated test >> script that illustrates the problem -- I've added a bind with an >> incorrect password which should return 49, but instead is returning 0 to >> the client. >> >> The last line of output from the test script is: >> >> ldap bind operation returned 0, expected 49 >> >> For the relevant operation in slapd.2.log, I see the following: >> >> conn=1003 op=0 RESULT tag=103 err=0 text= >> [...] >> conn=1003 op=0 RESULT tag=97 err=49 text= >> >> slapd is returning two RESULT messages for the BIND operation. Error 0 >> seems to be from the successful chained modification of the >> pwdFailureTime attribute, and Error 49 seems to be for the incorrect >> password. >> >> -Kartik > > -- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/
