有人能解释一下我为什么会收到这个错误吗?我在尝试绑定 ldap 服务器中的任何用户时收到此错误(在服务器上)。此外,当我运行程序时,我收到“访问权限不足”输出。而我在尝试绑定管理员时没有收到此输出。我在 slapd.conf 中提供了访问控制,如下所示:
access to *
by self write
by * read
by anonymous auth
代码:
require 'net/ldap'
con = Net::LDAP.new
con.host = 'localhost'
con.port = 389
con.auth 'cn=user,dc=example,dc=com', '123'
if con.bind
# authentication succeeded
puts 'success'
puts con.get_operation_result
else
# authentication failed
puts 'fail'
puts con.get_operation_result
# p con.get_operation_result
end
错误:
5a3e8945 >>> dnPrettyNormal: <cn=user,dc=example,dc=com>
5a3e8945 <<< dnPrettyNormal: <cn=user,dc=example,dc=com>, <cn=user,dc=example,dc=com>
5a3e8945 do_bind: version=3 dn="cn=user,dc=example,dc=com" method=128
5a3e8945 bdb_dn2entry("cn=user,dc=example,dc=com")
5a3e8945 => bdb_dn2id("dc=example,dc=com")
5a3e8945 <= bdb_dn2id: got id=0x5
5a3e8945 => bdb_dn2id("cn=user,dc=example,dc=com")
5a3e8945 <= bdb_dn2id: got id=0x17
5a3e8945 entry_decode: "cn=user,dc=example,dc=com"
5a3e8945 <= entry_decode(cn=user,dc=example,dc=com)
5a3e8945 => bdb_search
5a3e8945 bdb_dn2entry("cn=kerberoskdc,cn=config,dc=example,dc=com")
5a3e8945 => bdb_dn2id("cn=config,dc=example,dc=com")
5a3e8945 <= bdb_dn2id: get failed: DB_NOTFOUND: No matching key/data pair found (-30988)
5a3e8945 entry_decode: "dc=example,dc=com"
5a3e8945 <= entry_decode(dc=example,dc=com)
5a3e8945 send_ldap_result: conn=-1 op=0 p=0
5a3e8945 Entry *odusers_copy_entry(Operation *): Unable to locate cn=kerberoskdc,cn=config,dc=example,dc=com (32)
5a3e8945 odusers_copy_krbrealm: No entry associated with KerberosKDC cn=kerberoskdc,cn=config,dc=example,dc=com
5a3e8945 odusers_krb_auth: could not retrieve krb realm while authing user
5a3e8945 send_ldap_result: conn=1000 op=0 p=3
5a3e8945 send_ldap_response: msgid=1 tag=97 err=50
答案1
我没有看到“访问权限不足”错误,但我能看到这个错误:
5a3e8945 bdb_dn2entry("cn=kerberoskdc,cn=config,dc=example,dc=com")
5a3e8945 => bdb_dn2id("cn=config,dc=example,dc=com")
5a3e8945 <= bdb_dn2id: get failed: DB_NOTFOUND: No matching key/data pair found (-30988)
可能与此条目相关:
cn=config,dc=example,dc=com
cn=kerberoskdc,cn=config,dc=example,dc=com
它存在于您的 LDAP 数据库中吗?