On Thu, 2007-12-27 at 15:07 -0200, Daniel Cristian Cruz wrote: > [27/Dec/2007:13:37:54 -0200] conn=1 op=20 SRCH base="o=AAA BBB" scope=2 filter="(&(objectClass=posixAccount)(o=CCC))", failed to decode LDAP controls > [27/Dec/2007:13:37:54 -0200] conn=1 op=20 RESULT err=12 tag=101 nentries=0 etime=0 > > Does anyone know what this mean? It means that the Cisco device tried to use an LDAP control that the server didn't understand. My next step would be to check the logs on the Cicso thing to see what it thinks it's trying to do, and whether it got the information it needed. It's possible that it may simply try one method, then fall back to something more widely supported when it fails. That's not really the right way to discover the LDAP server's capabilities, but it might work. If something is really not working, and the logs don't make clear what the device is trying to do, I might then go after packet data with a tool like Wireshark. Hope that helps. -Andrew -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 3551 bytes Desc: not available Url : http://lists.fedoraproject.org/pipermail/389-users/attachments/20071228/e4334c94/attachment.bin
