Package: libnss-ldapd Version: 0.6 Severity: important Seems like libnss-ldapd checks for object class by reading a ldapobject in and then checking the objectclass attribute for a specific record. On my ldap setup I do not allow for objectclass to be read by any user, you can search. This causes this error to appear in my syslog numerious times.
The code is in myldap_has_objectclass in myldap.c I would presume a change to doing a ldapsearch and tresting for a positive result would be the solution (and I presume this is a lot more expensive than checking the attributes array) Alex -- System Information: Debian Release: lenny/sid APT prefers testing APT policy: (500, 'testing'), (500, 'stable'), (100, 'unstable'), (50, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 2.6.22-2-amd64 (SMP w/2 CPU cores) Locale: LANG=en_AU, LC_CTYPE=en_AU (charmap=ISO-8859-1) Shell: /bin/sh linked to /bin/dash Versions of packages libnss-ldapd depends on: ii debconf [debconf-2.0] 1.5.20 Debian configuration management sy ii libc6 2.7-6 GNU C Library: Shared libraries ii libkrb53 1.6.dfsg.3~beta1-4 MIT Kerberos runtime libraries ii libldap-2.4-2 2.4.7-6.1 OpenLDAP libraries ii libsasl2-2 2.1.22.dfsg1-18 Cyrus SASL - authentication abstra Versions of packages libnss-ldapd recommends: ii libpam-ldap 184-3 Pluggable Authentication Module al ii nscd 2.7-6 GNU C Library: Name Service Cache -- debconf information: * libnss-ldapd/ldap-base: dc=samad,dc=com,dc=au * libnss-ldapd/nsswitch: passwd, group, shadow, services, networks, protocols, rpc, ethers, netgroup, hosts libnss-ldapd/ldap-binddn: cn=libnss-ldap,ou=Roles,dc=samad,dc=com,dc=au * libnss-ldapd/ldap-uris: ldapi://%2fvar%2frun%2fldapi ldap://ldap2.hme1.samad.com.au ldap://ldap1.hme2.samad.com.au libnss-ldapd/ldap-rootbinddn: cn=ldapadmin,dc=samad,dc=com,dc=au -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
