LDAP replication breaking referrals

Posted by MasterZ on Server Fault See other posts from Server Fault or by MasterZ
Published on 2013-10-24T15:41:21Z Indexed on 2013/10/24 15:56 UTC
Read the original article Hit count: 201

Filed under:

ldap

|

solaris

|

replication

We have an issue that we believe is caused by ldap replication changing the port of the referal from 686 (secure) to 389 (unsecure).

If we setup a new referral everything works, but then as soon as we change someone's password it changes on the master, and then the master replicates and the referral breaks. Any further attempts to modify someone's account give the error "PAM: Cannot connect to LDAP".

We used snoop and monitored the firewall to see what was going on. The first password attempt (the one that works) goes over port 686 (as it is supposed to) but every subsequent attempt attempts to use port 389, and therefore fails.

We only have 1 referral configured on the client, port 686

© Server Fault or respective owner

Related posts about ldap

NetApp FAS 2040 LDAP Win2k8R2

as seen on Server Fault - Search for 'Server Fault'
I am trying to get my FAS2040 to action user lookups using LDAP, below is the filer configuration options: filer> options ldap ldap.ADdomain dc1.colour.domain.local ldap.base OU=Users,OU=something1,OU=something2,OU=darkside,DC=colour,DC=domain,DC=local ldap.base… >>> More
Ubuntu 12.04 Preseed LDAP Config

as seen on Server Fault - Search for 'Server Fault'
I'm trying to deploy Ubuntu 12.04 via xCAT, everything works except the automatic configuration of LDAP, the preseed file is read but the file /etc/nsswitch is not written properly. My Preseed File: [...] ### LDAP Setup nslcd nslcd/ldap-bindpw password ldap-auth-config ldap-auth-config/bindpw password ldap-auth-config… >>> More
NetApp FAS 2040 LDAP Win2k8R2

as seen on Server Fault - Search for 'Server Fault'
I am trying to get my FAS2040 to action user lookups using LDAP, below is the filer configuration options: filer> options ldap ldap.ADdomain dc1.colour.domain.local ldap.base OU=Users,OU=something1,OU=something2,OU=darkside,DC=colour,DC=domain,DC=local ldap.base… >>> More
Apache+LDAP auth on Ubuntu says "Can't contact LDAP server" while ldapsearch is perfect

as seen on Server Fault - Search for 'Server Fault'
Hi Gurus, I'm migrating from an existing apache+LDAP+mysql+php server to a new hardware platform. Old server is running Debian Lenny, which I have no config documentation available (was done by previous sysadmin); New server is running Ubuntu 10.04.2 LTS 32bit. After installing Apache and configured… >>> More
Spring security ldap: no declaration can be found for element 'ldap-authentication-provider'

as seen on Stack Overflow - Search for 'Stack Overflow'
Following the spring-security documentation: http://static.springsource.org/spring-security/site/docs/3.0.x/reference/ldap.html I am trying to set up ldap authentication (very simple - just need to know if a user is authenticated or not, no authorities mapping needed) and have put this in my applicationContext-security… >>> More

Related posts about solaris

Solaris 11 Launch Blog Carnival Roundup

as seen on Oracle Blogs - Search for 'Oracle Blogs'
Solaris 11 is here! And together with the official launch activities, a lot of Oracle and non-Oracle bloggers contributed helpful and informative blog articles to help your datacenter go to eleven. Here are some notable blog postings, sorted by category for your Solaris 11 blog-reading pleasure: Getting… >>> More
Solaris OS?????????? (??????·SIer????!??????)

as seen on Oracle Blogs - Search for 'Oracle Blogs'
Solaris11???????????????2011?11??????OS????????11.1??????????2012?11???????????????OTN?Solaris11?????????????????????????????????????OTN?????????????????????????????????????????????????????????????????????IT?????????Solaris??????????????????????????????????????????Solaris???????Solaris 11????????… >>> More
????????????????? Oracle Solaris ??? - Solaris 11 ????(??)

as seen on Oracle Blogs - Search for 'Oracle Blogs'
???????????????? OS ????????????????????? 20 ??????????????????? Solaris?????????????????????? OS????????????????????????Solaris ???????????????????? ??????Oracle Solaris ??????????????6??????????????????Oracle Solaris ?????????????????????? [????????????] ?????(????????????? ???)?????(?… >>> More
????????????????? Oracle Solaris ??? - Solaris 11 ????

as seen on Oracle Blogs - Search for 'Oracle Blogs'
???????????????? OS ????????????????????? 20 ??????????????????? Solaris?????????????????????? OS????????????????????????Solaris ???????????????????? ??????Solaris ?????????????? 4 ????????????????????? Oracle Solaris 11 ??????????????? [????????????]???? ?(????????????? ???)???? ?(?????… >>> More
??????????·????????????Oracle Solaris Cluster 4.0?

as seen on Oracle Blogs - Search for 'Oracle Blogs'
??????OS?Oracle Solaris 11???????????????·????????????Oracle Solaris Cluster 4.0???2011?12?6????????????Oracle Solaris 11 ???????????????????????????Oracle Solaris Cluster 4.0 ???????????????????????? Oracle Solaris Cluster 4.0 ?3?????? - Oracle Solaris Cluster… >>> More