Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Replication doesnt work when nsDS5ReplicaBindMethod is set to SSLCLIENTAUTH #2537

Closed
389-ds-bot opened this issue Sep 13, 2020 · 5 comments
Closed

Replication doesnt work when nsDS5ReplicaBindMethod is set to SSLCLIENTAUTH #2537

389-ds-bot opened this issue Sep 13, 2020 · 5 comments
Labels
closed: duplicate Migration flag - Issue

Comments

@389-ds-bot
Copy link

Cloned from Pagure issue: https://pagure.io/389-ds-base/issue/49478

Ticket was cloned from Red Hat Bugzilla (product Red Hat Enterprise Linux 7): Bug 1516962

Description of problem:
Replication doesnt work between two masters when we use
nsDS5ReplicaTransportInfo: TLS and nsDS5ReplicaBindMethod: SSLCLIENTAUTH.
The issue can be reproduced with the next test case:
dirsrvtests/tests/suites/sasl/regression_test.py::test_openldap_no_nss_crypto

Version tested:
389-ds-base: 1.3.7.5-9.el7

Additional info:
/var/log/dirsrv/slapd-master2/errors has errors like these:

[23/Nov/2017:11:28:50.802980616 -0500] - ERR - slapi_ldap_bind - Error: could
not bind id [(anon)] authentication mechanism [EXTERNAL]: error 48
(Inappropriate authentication)
[23/Nov/2017:11:28:50.804420121 -0500] - ERR - NSMMReplicationPlugin -
bind_and_check_pwp - agmt="cn=meTo_localhost:39001" (localhost:39001) -
Replication bind with EXTERNAL auth failed: LDAP error 48 (Inappropriate
authentication) (missing client certificate)

Also, the test case passes on 1.3.6.1-16.el7.
@389-ds-bot 389-ds-bot added the closed: duplicate Migration flag - Issue label Sep 13, 2020
@389-ds-bot
Copy link
Author

Comment from firstyear (@Firstyear) at 2017-12-01 09:04:00

Metadata Update from @Firstyear:

@389-ds-bot
Copy link
Author

Comment from spichugi (@droideck) at 2018-01-19 10:23:01

Closed as duplicate of openldap issue:
https://bugzilla.redhat.com/show_bug.cgi?id=1516409

It was fixed in openldap: 2.4.44-12.el7 version.

@389-ds-bot
Copy link
Author

Comment from spichugi (@droideck) at 2018-01-19 10:23:02

Metadata Update from @droideck:

  • Custom field component adjusted to None
  • Custom field origin adjusted to None
  • Custom field reviewstatus adjusted to None
  • Custom field type adjusted to None
  • Custom field version adjusted to None

@389-ds-bot
Copy link
Author

Comment from spichugi (@droideck) at 2018-01-19 10:23:58

Metadata Update from @droideck:

  • Issue close_status updated to: duplicate
  • Issue status updated to: Closed (was: Open)

@389-ds-bot
Copy link
Author

Comment from vashirov (@vashirov) at 2020-02-12 17:35:02

Metadata Update from @vashirov:

  • Issue set to the milestone: None (was: 0.0 NEEDS_TRIAGE)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
closed: duplicate Migration flag - Issue
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@389-ds-bot