I've finished moving my existing LDAP user data into MySQL for use with
back-sql on my testing machine and everything is working perfectly. Trying to
switch production over to it is giving me some headaches though. The two
environments are configured the same way as far as I can tell and I can startup
the service without issue. However when I try to authenticate on the production
environment after swapping the backend out it fails. Here are the logs when I
tried to authenticate from IRC:
Jan 5 17:37:21 new-ldap slapd[14406]: <==backsql_search()
Jan 5 17:37:21 new-ldap slapd[14406]: connection_get(14): got connid=1001
Jan 5 17:37:21 new-ldap slapd[14406]: connection_read(14): checking for input
on id=1001
Jan 5 17:37:21 new-ldap slapd[14406]: op tag 0x60, time 1420497441
Jan 5 17:37:21 new-ldap slapd[14406]: conn=1001 op=2 do_bind
Jan 5 17:37:21 new-ldap slapd[14406]: >>> dnPrettyNormal:
<cn=irc,ou=accounts,cn=USERNAME,ou=people,dc=ls,dc=local>
Jan 5 17:37:21 new-ldap slapd[14406]: <<< dnPrettyNormal:
<cn=irc,ou=accounts,cn=USERNAME,ou=people,dc=ls,dc=local>,
<cn=irc,ou=accounts,cn=USERNAME,ou=people,dc=ls,dc=local>
Jan 5 17:37:21 new-ldap slapd[14406]: do_bind: version=3
dn="cn=irc,ou=accounts,cn=USERNAME,ou=people,dc=ls,dc=local" method=128
Jan 5 17:37:21 new-ldap slapd[14406]: ==>backsql_bind()
Jan 5 17:37:21 new-ldap slapd[14406]: ==>backsql_get_db_conn()
Jan 5 17:37:21 new-ldap slapd[14406]: <==backsql_get_db_conn()
Jan 5 17:37:21 new-ldap slapd[14406]: ==>backsql_attrlist_add(): adding
"userPassword" to list
Jan 5 17:37:21 new-ldap slapd[14406]: ==>backsql_attrlist_add(): attribute
"userPassword" is in list
Jan 5 17:37:21 new-ldap slapd[14406]: ==>backsql_attrlist_add(): adding
"objectClass" to list
Jan 5 17:37:21 new-ldap slapd[14406]:
==>backsql_dn2id("cn=irc,ou=accounts,cn=USERNAME,ou=people,dc=ls,dc=local")
Jan 5 17:37:21 new-ldap slapd[14406]:
backsql_dn2id("cn=irc,ou=accounts,cn=USERNAME,ou=people,dc=ls,dc=local"): id_query
"SELECT id,keyval,oc_map_id,dn FROM ldap_entries WHERE dn=?"
Jan 5 17:37:21 new-ldap slapd[14406]:
backsql_dn2id("cn=irc,ou=accounts,cn=USERNAME,ou=people,dc=ls,dc=local"): id=13
keyval=1 oc_id=8 dn=cn=irc,ou=accounts,cn=USERNAME,ou=people,dc=ls,dc=local
Jan 5 17:37:21 new-ldap slapd[14406]: >>> dnPrettyNormal:
<cn=irc,ou=accounts,cn=USERNAME,ou=people,dc=ls,dc=local>
Jan 5 17:37:21 new-ldap slapd[14406]: <<< dnPrettyNormal:
<cn=irc,ou=accounts,cn=USERNAME,ou=people,dc=ls,dc=local>,
<cn=irc,ou=accounts,cn=USERNAME,ou=people,dc=ls,dc=local>
Jan 5 17:37:21 new-ldap slapd[14406]:
<==backsql_dn2id("cn=irc,ou=accounts,cn=USERNAME,ou=people,dc=ls,dc=local"):
err=0
Jan 5 17:37:21 new-ldap slapd[14406]: ==>backsql_attrlist_add(): attribute
"userPassword" is in list
Jan 5 17:37:21 new-ldap slapd[14406]: ==>backsql_attrlist_add(): attribute
"objectClass" is in list
Jan 5 17:37:21 new-ldap slapd[14406]: ==>backsql_attrlist_add(): adding "ref"
to list
Jan 5 17:37:21 new-ldap slapd[14406]: ==>backsql_id2entry()
Jan 5 17:37:21 new-ldap slapd[14406]: backsql_id2entry(): custom attribute list
Jan 5 17:37:21 new-ldap slapd[14406]: ==>backsql_get_attr_vals(): oc="ircAccount"
attr="userPassword" keyval=1
Jan 5 17:37:21 new-ldap slapd[14406]: backsql_get_attr_vals(): number of
values in query: 1
Jan 5 17:37:21 new-ldap slapd[14406]: <==backsql_get_attr_vals()
Jan 5 17:37:21 new-ldap slapd[14406]: ==>backsql_get_attr_vals(): oc="ircAccount"
attr="objectClass" keyval=1
Jan 5 17:37:21 new-ldap slapd[14406]: backsql_get_attr_vals(): number of
values in query: 0
Jan 5 17:37:21 new-ldap slapd[14406]: backsql_id2entry(): attribute "ref" is not defined
for objectlass "ircAccount"
Jan 5 17:37:21 new-ldap slapd[14406]: <==backsql_id2entry()
The attribute the IRC server is looking for is "ircuid" but I'm not seeing that
in the log. Could it be that, because this is a custom attribute, it isn't being passed
along and/or searched for? It works with that attribute in the old configuration.
