rawhide and LDAP

Braden McDaniel braden at endoframe.com
Thu Feb 10 18:08:29 UTC 2011


On Thu, 2011-02-10 at 08:18 -0500, Stephen Gallagher wrote: 
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> On 02/09/2011 12:31 PM, Braden McDaniel wrote:
> > On Wed, 2011-02-09 at 14:36 +0100, Jan Vcelak wrote: 
> >> On Wednesday 09 February 2011 06:10:25, Braden McDaniel wrote:
> >>> Something in a recent round of updates seems to have hosed use of
> >>> LDAP-based user accounts for my rawhide installation.  (My LDAP server
> >>> is on a different machine; the rawhide one just doesn't seem to be able
> >>> to use it.)
> >>
> >> Hi Braden,
> >>
> >> please, can you be more specific? Which versions of openldap-servers, 
> >> openldap-clients, pam_ldap, nss_ldap, etc. do you have installed?
> > 
> > openldap-servers, pam_ldap, and nss_ldap are not installed on the
> > rawhide machine.  openldap-clients is version 2.4.23-8.fc15.
> > 
> > The server is running Fedora 14.  It has:
> > 
> > openldap-servers: 2.4.23-4.fc14
> > openldap-clients: 2.4.23-4.fc14
> > pam_ldap:         185-5.fc14
> > nss_ldap:         265-6.fc14
> > 
> >> Are you using SSL/TLS?
> > 
> > No.
> > 
> >> Is ldapsearch on your rawhide machine working?
> > 
> > It is.  What's not working is logging in as a user other than root.  I
> > can't even su to a user other than root.
> > 
> > I am using Kerberos for user authentication; however, "kinit <user>"
> > works fine from the rawhide machine.
> > 
> 
> 
> I suspect you are using SSSD to handle LDAP logins.

Correct.

> This was broken in
> rawhide yesterday because I pushed a new version of libldb that
> apparently broke ABI without an SO bump. I have subsequently reverted
> this change. Please downgrade to libldb-0.9.10-25.fc15 and SSSD will
> work again.

That did it.  Thanks!

-- 
Braden McDaniel <braden at endoframe.com>



More information about the devel mailing list