From Bugzilla Helper: User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.5) Gecko/20041214 Firefox/1.0 Description of problem: OpenLDAP should be upgraded to 2.2.20 or downgraded to a old 2.1 version, a number of things are broaken in 2.2.13, such as paged access that allot of LDAP clients make use of, it has several memmory leaks and locking bugs in the bdb backend, for upgrading it should only be a matter of getting the new tar.gz, removing unneeded patches and doing a recompile. Version-Release number of selected component (if applicable): 2.2.13 How reproducible: Always Steps to Reproduce: 1. Using paged access from a ldap client. 2. A allot more: http://www.openldap.org/software/release/changes.html 3. Additional info:
see also openldap bug for this problem - pagedResults in back-ldap http://www.openldap.org/its/index.cgi/Software%20Enhancements?id=3283;selectid=3283 With openldap-2.2.13-2 rpm in place, openldap as the corporate directory is useless with ms outlook 2002 and 2003 ldap clients. Every time the user types into the To: box, outlook attempts to search the ldap directory, but the response is error "unavailable critical extension", and this is displayed to the user. The user never gets to see responses from the search. I'd be happy to test openldap version (eg 2.2.23) as an rpm if someone is willing to build such. I am guessing this is a pretty big market to be having problems with. note: I suggest changing title: OpenLDAP 2.2.13 not fit for normal use. to: OpenLDAP 2.2.13 bug causes outlook "unavailable critical extension" so that the size of the problem (outlook 2002/2003 users) is indicated, and so that it's easier to find in bugzilla based on the outlook error message.
I've put experimental 2.2.29 i386 rpms on http://people.redhat.com/fenlason/ Make sure you back up everything LDAP related before you install them! Can you try them out and report whether they solve this problem without introducing too many new ones? The 2.2.13->2.2.29 upgrade introduces enough incompatability issues that I haven't decided whether to push it for FC3 or not. I only have test ldap installations, so I can't tell how bad (if at all) the incompatabilities are in practice.
FC4 has 2.2.29, FC5 has 2.3.19. FC3 is now Fedora Legacy and this does not seem like a security bug. Closing.