So, I added this into my OpenLDAP:

dn: o=SNTRoot,c=MY
changetype: add
objectclass: top
objectclass: organisation
aci: (targetattr = "*")(version 3.0; acl "Suitespot Adminstrators Group";
 allow (all) groupdn =
 "ldap:///cn=Manager,o=SNTRoot,c=MY";)

dn: uid=admin, o=SNTRoot,c=MY
changetype: add
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: inetOrgPerson
cn: SuiteSpot Manager
sn: Manager
givenname: SuiteSpot
uid: admin
userpassword: {ssha}2I6tNfhn8o8GgyWq1iZthQF/a9yRRST3

dn: cn=Manager, o=SNTRoot,c=MY
changetype: add
objectclass: top
objectclass: groupOfUniqueNames
cn: Manager
uniqueMember: uid=admin, o=SNTRoot, c=MY
userpassword: {ssha}2I6tNfhn8o8GgyWq1iZthQF/a9yRRST3

dn: ou=Netscape Servers, o=SNTRoot, c=MY
changetype: add
objectclass: top
objectclass: organizationalUnit
ou: Netscape Servers

I get invalid credentials when I try to access this OpenLDAP through
NES. From the debug statements, it seems that NES manages to bind as cn=Manager,
but then when it tries to bind as uid=admin, it fails. I assume the userpassword
I provided for uid=admin is not the password NES expects.

2 questions:
1. Why does NES try to bind as uid=admin?
2. What is the password for uid=admin? Is it the userid & password
to access NES Admin?

I attach here the debug statements generated by OpenLDAP. I would appreciate it
if someone could give me some pointers on this matter.

Many-many thanks...
Rosdi.

slapd starting
do_bind
do_bind: version 2 dn (cn=Manager, o=SNTRoot, c=MY) method 128
dn2entry_r: dn: "CN=MANAGER,O=SNTROOT,C=MY"
=> dn2id( "CN=MANAGER,O=SNTROOT,C=MY" )
=> ldbm_cache_open( "/usr/local/var/openldap-ldbm/dn2id.dbb", 7, 600 )
<= ldbm_cache_open (opened 0)
<= dn2id 3
=> id2entry_r( 3 )
=> ldbm_cache_open( "/usr/local/var/openldap-ldbm/id2entry.dbb", 7, 600 )
<= ldbm_cache_open (opened 1)
=> str2entry
<= str2entry 0x809c948
<= id2entry_r( 3 ) (disk)
====> cache_return_entry_r
do_bind: bound "cn=Manager, o=SNTRoot, c=MY" to "cn=Manager, o=SNTRoot, c=MY"
send_ldap_result 0::
do_search
using base "O=SNTROOT,C=MY"
subtree_candidates: base: "O=SNTROOT,C=MY" lookupbase
dn2entry_r: dn: "O=SNTROOT,C=MY"
=> dn2id( "O=SNTROOT,C=MY" )
=> ldbm_cache_open( "/usr/local/var/openldap-ldbm/dn2id.dbb", 7, 600 )
<= ldbm_cache_open (cache 0)
<= dn2id 1
=> id2entry_r( 1 )
=> ldbm_cache_open( "/usr/local/var/openldap-ldbm/id2entry.dbb", 7, 600 )
<= ldbm_cache_open (cache 1)
=> str2entry
<= str2entry 0x809c8e0
<= id2entry_r( 1 ) (disk)
====> cache_return_entry_r
=> filter_candidates
=> list_candidates 0xa1
=> filter_candidates
=> ava_candidates 0xa3
=> index_read( "objectclass" "=" "REFERRAL" )
=> ldbm_cache_open( "/usr/local/var/openldap-ldbm/objectclass.dbb", 7, 600 )
<= ldbm_cache_open (opened 2)
<= index_read 0 candidates
<= ava_candidates 0
<= filter_candidates 0
=> filter_candidates
=> ava_candidates 0xa3
=> index_read( "uid" "=" "ADMIN" )
<= index_read 5 candidates (allids - not indexed)
<= ava_candidates 5
<= filter_candidates 5
<= list_candidates 5
<= filter_candidates 5
=> id2entry_r( 1 )
====> cache_find_entry_dn2id: found id: 1 rw: 0
<= id2entry_r 0x809c8e0 (cache)
====> cache_return_entry_r
=> id2entry_r( 2 )
=> ldbm_cache_open( "/usr/local/var/openldap-ldbm/id2entry.dbb", 7, 600 )
<= ldbm_cache_open (cache 1)
=> str2entry
<= str2entry 0x80a6638
<= id2entry_r( 2 ) (disk)
=> send_search_entry (uid=admin, o=SNTRoot,c=MY)
<= send_search_entry
====> cache_return_entry_r
=> id2entry_r( 3 )
====> cache_find_entry_dn2id: found id: 3 rw: 0
<= id2entry_r 0x809c948 (cache)
====> cache_return_entry_r
=> id2entry_r( 4 )
=> ldbm_cache_open( "/usr/local/var/openldap-ldbm/id2entry.dbb", 7, 600 )
<= ldbm_cache_open (cache 1)
=> str2entry
<= str2entry 0x80a6b18
<= id2entry_r( 4 ) (disk)
====> cache_return_entry_r
send_ldap_result 0::
do_bind
do_bind: version 2 dn (uid=admin, o=SNTRoot,c=MY) method 128
dn2entry_r: dn: "UID=ADMIN,O=SNTROOT,C=MY"
=> dn2id( "UID=ADMIN,O=SNTROOT,C=MY" )
====> cache_find_entry_dn2id: found dn: UID=ADMIN,O=SNTROOT,C=MY
<= dn2id 2 (in cache)
=> id2entry_r( 2 )
====> cache_find_entry_dn2id: found id: 2 rw: 0
<= id2entry_r 0x80a6638 (cache)
send_ldap_result 49::
====> cache_return_entry_r
ber_get_next on fd 7 failed errno 0 (Success)
*** got 0 of 0 so far
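
An added example, not part of the original post and not OpenLDAP or NES code: result 49 in the trace above is invalidCredentials on a simple bind (method 128), so one offline check is whether the password the client sends matches the stored {ssha} userpassword. The sketch assumes the usual salted SHA-1 layout, base64(SHA1(password + salt) + salt); the function names and the sample password are constructed for illustration.

```python
from __future__ import annotations

import base64
import hashlib
import hmac
import os

SHA1_LEN = 20  # size of a SHA-1 digest in bytes

# userpassword value copied from the LDIF in the post
POSTED_VALUE = "{ssha}2I6tNfhn8o8GgyWq1iZthQF/a9yRRST3"


def split_ssha(value: str) -> tuple[bytes, bytes]:
    """Split a '{SSHA}<base64>' value into (digest, salt)."""
    scheme, _, b64 = value.partition("}")
    if scheme.lower() != "{ssha":  # scheme tag is case-insensitive
        raise ValueError("not an {SSHA} value")
    raw = base64.b64decode(b64, validate=True)
    if len(raw) <= SHA1_LEN:
        raise ValueError("no salt after the SHA-1 digest")
    return raw[:SHA1_LEN], raw[SHA1_LEN:]


def make_ssha(password: str, salt: bytes | None = None) -> str:
    """Build an {SSHA} value; a random 4-byte salt is used if none is given."""
    salt = os.urandom(4) if salt is None else salt
    digest = hashlib.sha1(password.encode("utf-8") + salt).digest()
    return "{SSHA}" + base64.b64encode(digest + salt).decode("ascii")


def check_ssha(password: str, stored: str) -> bool:
    """True if password hashes to the stored digest under the stored salt."""
    digest, salt = split_ssha(stored)
    candidate = hashlib.sha1(password.encode("utf-8") + salt).digest()
    return hmac.compare_digest(candidate, digest)  # constant-time compare


if __name__ == "__main__":
    digest, salt = split_ssha(POSTED_VALUE)
    print(f"posted value: {len(digest)}-byte digest, {len(salt)}-byte salt")
    sample = make_ssha("constructed-sample-password")  # constructed input
    print(check_ssha("constructed-sample-password", sample))  # matches
    print(check_ssha("something-else", sample))  # does not match
```

Running `check_ssha` with the password configured on the client side against the value stored in the directory shows whether the two sides disagree before another bind attempt is made.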