[Date Prev][Date Next] [Chronological] [Thread] [Top]

(ITS#3673) ldapsearch -y

To: openldap-its@OpenLDAP.org
Subject: (ITS#3673) ldapsearch -y
From: morgan@lysator.liu.se
Date: Wed, 20 Apr 2005 19:24:45 GMT

Full_Name: Morgan Nilsson
Version: 2.2.13-2
OS: Fedora Core 3
URL: 
Submission from: (NULL) (217.215.66.55)


Summary:

"ldapsearch -y /etc/ldap.secret" should be able to handle newline in
/etc/ldap.secret because pam_ldap requires a newline.

How to reproduce:

0. Setup your system to use LDAP for authetication.
1. Create a user "foobar" in LDAP.
2. Stop nscd (just to be sure we query LDAP)

Version 1: pam_ldap works with newline in /etc/ldap.secret, but not ldapsearch
-y

3. Make sure /etc/ldap.secret ends in a newline.
4. id foobar
uid=...
5. ldapsearch -y /etc/ldap.secret ... (uid=foobar)... => 
ldap_bind: Invalid credentials (49)

Version 2: ldapsearch -y works with newline in /etc/ldap.secret, but not
pam_ldap

6. Make sure /etc/ldap.secret does not end in a newline.
7. id foobar
id: foobar: No such user
8. ldapsearch -y /etc/ldap.secret ... (uid=foobar)... => 
(search result OK)

Prev by Date: (ITS#3674) jdbcLdap - SqlToLdap.java - WHERE/LIKE bug
Next by Date: Re: (ITS#3673) ldapsearch -y
Index(es):
- Chronological
- Thread