allow bind_v2 stopped working after 5.0.14, 5.0.21 -> 6.0.4 upgrade

[jbazydlo]

Hi,

I need Zimbra OpenLDAP server to respond to LDAP version 2 requests due to Check Point integration which by default uses it and could not use version 3.

This is what I had in slapd.conf and slapd.conf.in configuration files. That was working before upgrade.

zimbra@XXX:~/conf$ pwd
/opt/zimbra/conf
zimbra@XXX:~/conf$ grep "allow bind_v2" *
slapd.conf:allow bind_v2
slapd.conf.in:allow bind_v2

After restarting LDAP (several times) is seems not to respond to LDAP version 2 requests:

zimbra@XXX:~/conf$ ldapsearch -x -D "cn=config" -w XXX -h XXX -P 2 "(uid=jarekb)"
ldap_bind: Protocol error (2)
additional info: historical protocol version requested, use LDAPv3 instead

Version 3 requests are working fine at the same time:

zimbra@XXXk:~/conf$ ldapsearch -x -D "cn=config" -w XXX -h XXX -P 3 "(uid=jarekb)"
# extended LDIF
#
# LDAPv3
# base <> (default) with scope subtree
# filter: (uid=jarekb)
# requesting: ALL
#

# jarekb, people, XXX
dn: uid=jarekb,ou=people,dc=XXX,dc=pl

Can anyone point me out what could change between versions 5.0 and 6.0 and how make Zimbra LDAP server to respond to version 2 binds???

Best regards
J.

[jbazydlo]

Finally I know that configuration backend changed for OpenLDAP, so anyone knows what is a equivalent of "allow bind_v2" in "cn=config" ???

Any clue seems I am the only one trying to integrate firewall with Zimra user repository??

Best regards
J.

[rs232c]

To the file: /opt/zimbra/data/ldap/config/cn=config.ldif
Add the line: olcAllows: bind_v2
Then do: ldap stop and ldap start

I'm researching how to get the olcAllows line in the file automatically.

[hadirs]

Hi I have the same problem but using
Add the line: olcAllows: bind_v2
at
/opt/zimbra/data/ldap/config/cn=config.ldif

have no luck

[hadirs]

sorry for that was worked, thank you

wrong server