
Re: Auth failing!



> 
> We are using old OpenLDAP 1.2.11 for authentication purposes.
> 
> Some users are recognized, others give that result in the log file:
> 
> Nov 22 11:00:35 myldapserver slapd[7600]: conn=4 fd=10 connection
> 	from localhost (127.0.0.1) accepted.
> Nov 22 11:00:35 myldapserver slapd[7811]: conn=4 op=0 BIND
> 	dn="CN=FIORI RAFFAELLA (R.FIORI),OU=EMPLOYEE,OU=PEOPLE,O=MYFARM,C=IT" 

Just as a wild guess, try it with a DN that doesn't have parentheses in it.
I don't know if this is legal, but if that DN is cranking through regex
code somewhere, the parentheses are going to cause problems.  You could also
try escaping them.

> 	method=128
> Nov 22 11:00:35 myldapserver slapd[7811]: conn=4 op=0 RESULT err=49
> 	tag=97 nentries=0
> Nov 22 11:00:35 myldapserver slapd[7600]: conn=4 op=-1 fd=10 closed
> 	errno=0
> Nov 22 11:00:42 myldapserver slapd[7812]: conn=1 op=2 UNBIND
> Nov 22 11:00:42 myldapserver slapd[7600]: conn=1 op=-1 fd=7 closed
> 	errno=0
> 
> In this example, I'm using
> 
> 	ldapadd -D "CN=FIORI RAFFAELLA (R.FIORI),OU=EMPLOYEE,OU=PEOPLE,O=MYFARM,C=IT" -W
> 
> which responds with "ldap_bind: Invalid credentials".
> I'm *REALLY* sure I'm using the right password and the right DN.
> We have tried even with plain ASCII password in the directory.
> 
> Someone can use its password, someone can't. Why? :?
> 
> 	failingly,
> 	   Cthulhu
> 
> -- 
>    Ph'nglui mglw'nafh Cthulhu http://www.rlyeh.it/ wgah'nagl fhtgan!
> 			 <f.sileno@agora.it>  
> 
>
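
Added example, not part of the original thread: a Python script that unfolds wrapped slapd log lines like the ones quoted above, pairs each BIND with its RESULT by conn/op, and reports for every bind DN the result code and whether the DN contains parentheses, so the guess in the reply can be checked against a whole log. The sample log is constructed: conn=4 is copied from the message, conn=5 and its DN are invented for contrast.

```python
import re

# Constructed sample: conn=4 is taken from the quoted message,
# conn=5 (a DN without parentheses, err=0) is invented for contrast.
SAMPLE_LOG = """\
Nov 22 11:00:35 myldapserver slapd[7811]: conn=4 op=0 BIND
\tdn="CN=FIORI RAFFAELLA (R.FIORI),OU=EMPLOYEE,OU=PEOPLE,O=MYFARM,C=IT"
\tmethod=128
Nov 22 11:00:35 myldapserver slapd[7811]: conn=4 op=0 RESULT err=49
\ttag=97 nentries=0
Nov 22 11:00:40 myldapserver slapd[7813]: conn=5 op=0 BIND
\tdn="CN=EXAMPLE USER,OU=EMPLOYEE,OU=PEOPLE,O=MYFARM,C=IT" method=128
Nov 22 11:00:40 myldapserver slapd[7813]: conn=5 op=0 RESULT err=0
\ttag=97 nentries=0
"""

OP_RE = re.compile(r"conn=(\d+) op=(-?\d+) (BIND|RESULT)\b(.*)")
DN_RE = re.compile(r'dn="([^"]*)"')
ERR_RE = re.compile(r"\berr=(\d+)")

def unfold(text):
    """Join continuation lines (leading whitespace) onto the previous record."""
    records = []
    for line in text.splitlines():
        if line[:1] in (" ", "\t") and records:
            records[-1] += " " + line.strip()
        elif line.strip():
            records.append(line.rstrip())
    return records

def bind_outcomes(text):
    """Return (dn, err, has_parens) for every BIND with a matching RESULT."""
    pending, outcomes = {}, []
    for rec in unfold(text):
        m = OP_RE.search(rec)
        if not m:
            continue
        key = (m.group(1), m.group(2))          # (conn, op) identifies one operation
        if m.group(3) == "BIND":
            dn = DN_RE.search(m.group(4))
            if dn:
                pending[key] = dn.group(1)
        elif key in pending:
            err = ERR_RE.search(m.group(4))
            if err:
                dn = pending.pop(key)
                outcomes.append((dn, int(err.group(1)), "(" in dn or ")" in dn))
    return outcomes

if __name__ == "__main__":
    for dn, err, parens in bind_outcomes(SAMPLE_LOG):
        print(f"err={err:<3} parens={parens!s:<5} {dn}")
```

If err=49 also shows up for DNs without parentheses in a real log, the parentheses are not the cause.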