[389-users] SSL peer reports incorrect Message Authentication Code in versions >= 1.2.2

Juan Asensio Sánchez okelet at gmail.com
Tue May 4 11:46:20 UTC 2010 

2010/5/3 Rich Megginson <rmeggins at redhat.com>

> Juan Asensio Sánchez wrote:
> > Hi
> >
> > 2010/5/3 Rich Megginson <rmeggins at redhat.com <mailto:rmeggins at redhat.com
> >>
> >
> >     > We are having trouble since we have updated from version 1.1.3 to
> >     > 1.2.2 and 1.2.5. We have integrated CentOS/Redhat clients into
> LDAP.
> >     > When we try to make "getent group", we only get one group and its
> >     > members, but no the rest of the groups (should be more than 1000
> >     groups).
> >     What platform?  32-bit or 64-bit?
> >     How many groups?  Do you only get this error when you attempt a
> search
> >     to return this many groups?
> >
> >
> > "getent group" should return the local groups (that are show fine) and
> > about 729 LDAP groups.
> How many groups total?  Roughly how many members?  I'm trying to get
> some idea about how many entries and how many bytes should be returned.
> > If I do the same search with the command ldapsearch,
> ldapsearch to ldaps://hostname:636/ or ldap://hostname:389/ ?
>

I run these queries:

Total groups:
# ldapsearch -H ldaps://XXXXXXX -x -LLL -b
"ou=Groups,o=XXXXXXX,dc=XXXXXXX,XXXXXXX=es" -D "cn=Application
Manager,cn=config" -w XXXXXXX "(&(objectClass=posixGroup))" cn userPassword
memberUid uniqueMember gidNumber | grep -E "^dn:" | wc -l
729

Total members:
# ldapsearch -H ldaps://XXXXXXX -x -LLL -b
"ou=Groups,o=XXXXXXX,dc=XXXXXXX,dc=XXXXXXX" -D "cn=Application
Manager,cn=config" -w XXXXXXX "(&(objectClass=posixGroup))" cn userPassword
memberUid uniqueMember gidNumber | grep -E -i "^uniquemember:" | wc -l
23348

Total unique members:
# ldapsearch -H ldaps://XXXXXXX -x -LLL -b
"ou=Groups,o=XXXXXXX,dc=XXXXXXX,dc=XXXXXXX" -D "cn=Application
Manager,cn=config" -w XXXXXXX "(&(objectClass=posixGroup))" cn userPassword
memberUid uniqueMember gidNumber | grep -E -i "^uniquemember:" | sort | uniq
| wc -l
9365
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.fedoraproject.org/pipermail/389-users/attachments/20100504/6236d636/attachment.html>

More information about the 389-users mailing list