[Bug 1023025] Re: search fail with get_ctrls : controls require LDAPv3
I can also reproduce this issue with the same ldapsearch, except I get a failure about half the time (this is with the daemon versions of lib(pam|nss)-ldapd): $ ldapsearch -h localhost -b ou=people,dc=company,dc=com -x (((objectClass=posixAccount)(uid=*))(uid=cswingley)) -M -v ldap_initialize( ldap://localhost ) filter: (((objectClass=posixAccount)(uid=*))(uid=cswingley)) requesting: All userApplication attributes # extended LDIF # # LDAPv3 # base ou=people,dc=company,dc=com with scope subtree # filter: (((objectClass=posixAccount)(uid=*))(uid=cswingley)) # requesting: ALL # with manageDSAit control # # search result search: 2 result: 2 Protocol error text: controls require LDAPv3 # numResponses: 1 I tried rebuilding 'nss-pam-ldapd' from the latest upstream sources (0.8.10), copying the debian directory over from the 12.04 src package and modifying the changelog, and the problem is still there, so it doesn't seem to be an issue that was fixed in upstream. -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to openldap in Ubuntu. https://bugs.launchpad.net/bugs/1023025 Title: search fail with get_ctrls : controls require LDAPv3 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/1023025/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1023025] Re: search fail with get_ctrls : controls require LDAPv3
In my earlier comment (#5) I mentioned installing libnss-ldapd / libpam- ldapd as replacements for libnss-ldap / libpam-ldap. This did *not* solve the issue with group mappings: I experience the group mapping failures with both versions of the libnss and libpam LDAP packages on my 12.04 server. -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to openldap in Ubuntu. https://bugs.launchpad.net/bugs/1023025 Title: search fail with get_ctrls : controls require LDAPv3 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/1023025/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1023025] Re: search fail with get_ctrls : controls require LDAPv3
I also have this issue with a 12.04 server, also using replication. The issue appears on the slave, not the master, but the master LDAP server is still running 10.04, so I don't know if that is relevant or not. This morning I installed libnss-ldapd / libpam-ldapd (which also installed nscd) and I haven't noted the group mapping or the controls require LDAPv3 error since. However, since nscd is now running, it could be that I was just lucky and that my first connection managed to grab the LDAP groups, was then cached, and subsequent connections are getting the correct group membership from nscd. In any case, this is a critical bug because it affects what individual users will have access too. If their logon (local / Samba / etc.) doesn't map the proper groups, they're locked out of shared resources they need. -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to openldap in Ubuntu. https://bugs.launchpad.net/bugs/1023025 Title: search fail with get_ctrls : controls require LDAPv3 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/1023025/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs