Bug 7447

Summary: Access to OpenLDAP using MS Outlooks Kills RH
Product: [Retired] Red Hat Linux Reporter: rvaughn
Component: openldapAssignee: Nalin Dahyabhai <nalin>
Status: CLOSED WORKSFORME QA Contact:
Severity: high Docs Contact:
Priority: medium    
Version: 6.1CC: mwalls
Target Milestone: ---   
Target Release: ---   
Hardware: i386   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2002-12-14 01:40:42 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description rvaughn 1999-11-30 16:49:48 UTC
Attempting to access a RedHat OpenLDAP server using Microsoft Outlook 2000
poisons the entire OS.  The Oulook query never returns, and will timeout
after a few minutes.  Just a single such query, however, will completely
poison the RedHat OS.

In such a state, legitimate ldap queries will not return.  Any open
telnet, X, or console sessions will remain open, but further sessions
cannot be started.  Apparently no inet services will initiate.  ps does
not work (hangs).  init does not work.  shutdown and reboot do not work.

I have no debugging information as the OS is so insane by this point that
no new processes seem able to run.

The only remedy I have found so far is the hardware reset button.

Other indications:
slapd is configured and working properly, and responds correctly to
ldapsearch requests from local or remote hosts.  I have not tried
initiating queries with Netscape Communicator.  I have tried queries
against NDS servers using the same Outlook client - these completed
successfully.

This is no doubt due to a standards violation by Outlook, but still should
not be able to kill an entire host.  Bringing down slapd, ok, but as is
this is definitely a Severe bug.

To reproduce:
- Setup and configure OpenLDAP (slapd).  The entries used do not matter,
but make sure there are some.
- Add a Directory Service account to MS Outlook 2000, and point it to your
OpenLDAP server.
- Invoke the Outlook "Find People" function.  You may need to access this
from the main Windows Start/Find/People... menu.
- Make sure you have the correct directory server chosen, and put a search
phrase in the name field.  I used "*".
- Start the search.
- Check your host.  It should now be insane.

Comment 1 Nalin Dahyabhai 2000-04-06 20:02:59 UTC
Is this still a problem with OpenLDAP 1.2.9, which we now include in 6.2 and in
Raw Hide (ftp://ftp.redhat.com/pub/rawhide/i386/RedHat/RPMS/)?

Comment 2 Alan Cox 2002-12-14 01:40:42 UTC
No answer in 2 years