2053204 – Referral mode not working

Bug 2053204 - Referral mode not working

Summary: Referral mode not working

Keywords:
Status:	VERIFIED
Alias:	None
Product:	Red Hat Enterprise Linux 9
Classification:	Red Hat
Component:	389-ds-base
Sub Component:
Version:	9.0
Hardware:	Unspecified
OS:	Unspecified
Priority:	high
Severity:	high
Target Milestone:	rc
Target Release:	9.3
Assignee:	Simon Pichugin
QA Contact:	LDAP QA Team
Docs Contact:	Evgenia Martynyuk
URL:
Whiteboard:	sync-to-jira
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2022-02-10 16:49 UTC by Akshay Adhikari
Modified:	2023-08-10 22:23 UTC (History)
CC List:	9 users (show)
Fixed In Version:	389-ds-base-2.3.4-1.el9
Doc Type:	Known Issue
Doc Text:	.Directory Server terminates unexpectedly when started in referral mode Due to a bug, global referral mode does not work in Directory Server. If you start the `ns-slapd` process with the `refer` option as the `dirsrv` user, Directory Server ignores the port settings and terminates unexpectedly. Trying to run the process as the `root` user changes SELinux labels and prevents the service from starting in future in normal mode. There are no workarounds available.
Clone Of:
Environment:
Last Closed:
Type:	Bug
Target Upstream Version:
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Links
System	ID	Priority	Status	Summary	Last Updated
Github	389ds 389-ds-base issues 5701	None	closed	Referral mode is not working	2023-06-06 20:41:47 UTC
Red Hat Issue Tracker	IDMDS-2823	None	None	None	2023-03-01 16:19:32 UTC
Red Hat Issue Tracker	IDMDS-3430	None	None	None	2023-07-19 15:13:40 UTC
Red Hat Issue Tracker	RHELPLAN-111943	None	None	None	2022-02-10 16:52:27 UTC

Description Akshay Adhikari 2022-02-10 16:49:07 UTC

Description of problem:

Referral mode not working and failing with error: ERROR: Error: 103 - 10 - 53 - Server is unwilling to perform - [] -
need to set nsslapd-referral

Version-Release number of selected component (if applicable):


How reproducible:

Every time

Steps to Reproduce:
1. Create two instances

2. Stop the instance on the host you want to redirect:

# systemctl stop dirsrv@instance_name

3. Run ns-slapd in referral mode:

# ns-slapd refer -D /etc/dirsrv/slapd-instance_name [-p port] -r referral_url

4.Even though nsslapd-referral is set:
cn=data_on_1,cn=ldbm database,cn=plugins,cn=config
...
nsslapd-referral: ldap://localhost:38902/ou=people,dc=example,dc=com

Updating the state doesn't work:
# dsconf -v instance1 backend suffix set --state referral
ou=data_on_instance1,dc=example,dc=com
...
ldap.UNWILLING_TO_PERFORM: {'msgtype': 103, 'msgid': 10, 'result': 53,
'desc': 'Server is unwilling to perform', 'ctrls': [], 'info': 'need
to set
 nsslapd-referral before moving to referral state\n'}


Actual results:


Expected results:


Additional info:

https://access.redhat.com/documentation/en-us/red_hat_directory_server/11/html-single/administration_guide/index#Configuring_Directory_Databases-Using_Referrals

Comment 15 Viktor Ashirov 2023-08-04 07:46:10 UTC

Moving to VERIFIED according to comment #11

Note You need to log in before you can comment on or make changes to this bug.