.Directory Server terminates unexpectedly when started in referral mode
Due to a bug, global referral mode does not work in Directory Server. If you start the `ns-slapd` process with the `refer` option as the `dirsrv` user, Directory Server ignores the port settings and terminates unexpectedly. Trying to run the process as the `root` user changes SELinux labels and prevents the service from starting in future in normal mode. There are no workarounds available.
DescriptionAkshay Adhikari
2022-02-10 16:49:07 UTC
Description of problem:
Referral mode not working and failing with error: ERROR: Error: 103 - 10 - 53 - Server is unwilling to perform - [] -
need to set nsslapd-referral
Version-Release number of selected component (if applicable):
How reproducible:
Every time
Steps to Reproduce:
1. Create two instances
2. Stop the instance on the host you want to redirect:
# systemctl stop dirsrv@instance_name
3. Run ns-slapd in referral mode:
# ns-slapd refer -D /etc/dirsrv/slapd-instance_name [-p port] -r referral_url
4.Even though nsslapd-referral is set:
cn=data_on_1,cn=ldbm database,cn=plugins,cn=config
...
nsslapd-referral: ldap://localhost:38902/ou=people,dc=example,dc=com
Updating the state doesn't work:
# dsconf -v instance1 backend suffix set --state referral
ou=data_on_instance1,dc=example,dc=com
...
ldap.UNWILLING_TO_PERFORM: {'msgtype': 103, 'msgid': 10, 'result': 53,
'desc': 'Server is unwilling to perform', 'ctrls': [], 'info': 'need
to set
nsslapd-referral before moving to referral state\n'}
Actual results:
Expected results:
Additional info:
https://access.redhat.com/documentation/en-us/red_hat_directory_server/11/html-single/administration_guide/index#Configuring_Directory_Databases-Using_Referrals
Description of problem: Referral mode not working and failing with error: ERROR: Error: 103 - 10 - 53 - Server is unwilling to perform - [] - need to set nsslapd-referral Version-Release number of selected component (if applicable): How reproducible: Every time Steps to Reproduce: 1. Create two instances 2. Stop the instance on the host you want to redirect: # systemctl stop dirsrv@instance_name 3. Run ns-slapd in referral mode: # ns-slapd refer -D /etc/dirsrv/slapd-instance_name [-p port] -r referral_url 4.Even though nsslapd-referral is set: cn=data_on_1,cn=ldbm database,cn=plugins,cn=config ... nsslapd-referral: ldap://localhost:38902/ou=people,dc=example,dc=com Updating the state doesn't work: # dsconf -v instance1 backend suffix set --state referral ou=data_on_instance1,dc=example,dc=com ... ldap.UNWILLING_TO_PERFORM: {'msgtype': 103, 'msgid': 10, 'result': 53, 'desc': 'Server is unwilling to perform', 'ctrls': [], 'info': 'need to set nsslapd-referral before moving to referral state\n'} Actual results: Expected results: Additional info: https://access.redhat.com/documentation/en-us/red_hat_directory_server/11/html-single/administration_guide/index#Configuring_Directory_Databases-Using_Referrals