login authentication stuff
Hi all,
I'm wanting to set up openldap as the authentication system for a network
I'm setting up. Now, I've installed openldap and all. I've used the padl
migration tools to get my accounts into the ldap database, and I can
retrieve the data if I use ldapsearch and bind as my root user. I've got
this in my slapd.conf as regards access control:
    access to attr=userPassword,entry
        by anonymous auth
        by self write
        by dn="cn=Manager,o=Beast,c=AU" write
    access to dn=".*,o=Beast,c=AU"
        by self write
        by dn="cn=Manager,o=Beast,c=AU" write
        by * read
which is the amalgamation of a whole heap of ACLs I've seen for
openldap in various places, but I figure that should be the minimum I
should need to get it going. Now, I try to query the database binding as
one of my users:
    [root@beast /root]# /usr/local/bin/ldapsearch -D 'uid=james,ou=People,o=Beast,c=AU' -W -x -b 'uid=james,ou=People,o=Beast,c=AU'
    Enter LDAP Password:
    ldap_bind: Invalid credentials
    [root@beast /root]#
The user does indeed exist and I can check its existence.
Any help is greatly appreciated.
Also, ultimately I want to use SASL and PAM_LDAP. Is there anything
special I need to know to make this work?
Thanks,
James.