Version: 3.3.2 (using KDE 3.3.2, Mandrake Linux Cooker i586 - Cooker) Compiler: gcc version 3.4.3 (Mandrakelinux 10.2 3.4.3-3mdk) OS: Linux (i686) release 2.6.10-1mdk Kaddressbook tries to bind to the master (openldap) server without password (with the expected dn), when attempting update on slave server. I'm usingh plain authentication, thus giving me the error "Stronger authentication required". If I use the master server directly then updates work. Expect for the master/slave config the servers are identical.
I don't think it's a KDE bug. Maybe the server requires SSL/TLS for updates, or a really stronger authentication method (non clear-text)? You can test this with the command line ldap utilities.
The server accepts plain authentiction using no encryption or TLS. I have checked this with ethereal and extra log levels. KDE does not send a password en either case when redirected. That is the problem.
By default, the OpenLDAP libraries won't reuse authentication information when doing a rebind for a referral, since this could send sensitive information to another server without user intervention. The user should be notified that they have been referred to another server, and asked if the previous credentials should be reused for the rebind procedure or not.
But the bind against the master (after the referral) is emtpy! look at hits log in the master: <i>By default, the OpenLDAP libraries won't reuse authentication information when doing a rebind for a referral, since this could send sensitive information to another server without user intervention. </i> I have Kaddressbook configured with the slave OpenLDAP using user with bind (and write permisions), and when try to add an entry the master log says: Jan 23 03:39:01 debian slapd[2611]: conn=11 op=0 BIND dn="" method=128 Jan 23 03:39:01 debian slapd[2611]: conn=11 op=0 RESULT tag=97 err=0 text= So the bind against the master is empty, is it normal? <i>The user should be notified that they have been referred to another server, and asked if the previous credentials should be reused for the rebind procedure or not. </i> So I understand Kaddressbook does it or SHOULD do it? is there them any LDAP client supporintg the referrals?
The development of the old KAddressBook will be discontinued for KDE 4.4. Since the new application has the same name, but a completly new code base we close all bug reports against the old version and ask the submitters to resend there reports against the new product.