problems with authentication
Good Morning...
I am having a problem with an ldap server I just recently set up. LDAP and
Linux are both fairly new to me, so please bear with me.
Using a tutorial I found on the net, I got my ldap server (2.0.21) running
on RH Linux 7.2. I want to have the user authenticate off of their uid and
password in the ldap client (eudora, outlook, gq).
So far, if running gq on the linux box, I can access using the full dn
(cn=Douglas Rehg,ou=Morgan,o=stooges) and the password, but not the uid. I
also cannot authenticate to the server using any of the clients on my
windows box.
my ldif looks like this:
****************************************************
dn: cn=Douglas Rehg,ou=Morgan,o=stooges
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
sn: Rehg
cn: Douglas Rehg
userPassword: password
telephoneNumber: (555)555-5555
telephoneNumber: (555)555-5555
mail: drehg@fishcicle.com
uid: drehg
****************************************************
My slapd.conf looks like this:
****************************************************
# example config file - global configuration section
include /etc/openldap/schema/core.schema
include /etc/openldap/schema/cosine.schema
include /etc/openldap/schema/inetorgperson.schema
#include /usr/local/etc/schema/core.schema
#referral ldap://root.openldap.org
access to * by * read
# ldbm definition for the example.com
database ldbm
suffix "dc=stooges,dc=org"
suffix "o=stooges"
directory /var/lib/ldap/stooges
rootdn "cn=Admin,dc=stooges,dc=org"
rootpw secret
# indexed attribute definitions
index uid pres,eq
index cn,sn pres,eq,sub
index objectClass eq
# ldbm access control definitions
# (continuation lines of an access directive must begin with whitespace)
access to attr=userPassword
    by self write
    by anonymous auth
    by dn="cn=Admin,dc=stooges,dc=org" write
    by * none
access to *
    by self write
    by dn="cn=Admin,dc=stooges,dc=org" write
    by users read
****************************************************
In eudora, my settings have me doing my base search on o=stooges. If I set
the access to "defaultaccess to read" in slapd, clients on my windows box
can access the ldap server. But as soon as I set it to the above settings,
and try to bind using either uid, or combinations of cn, ou, o, and/or dc
and the password, I cannot access.
Any ideas? I am also looking through the archives to see if I can find an
answer...but doesn't hurt to ask at the same time :)
Thanks,
Doug
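An added example, not part of Doug's post: a small Python model of how slapd evaluates the database ACL block quoted above, assuming the documented first-match rule (the first matching `access to` clause is used, then its first matching `by` clause, with an implicit `by * none` at the end). It shows that a client which first searches for `uid=drehg` anonymously, to turn the uid into a DN before binding, is granted nothing under this ACL, while a bind with the full DN and a read by the bound user both succeed.

```python
# Model of slapd ACL evaluation for the two database ACLs in the posted slapd.conf.
# Assumptions (not from the post): first matching "access to" wins, then its first
# matching "by" clause; an "access to" with no matching "by" clause denies (none).
LEVELS = ["none", "auth", "compare", "search", "read", "write"]

ADMIN = "cn=Admin,dc=stooges,dc=org"
DOUG = "cn=Douglas Rehg,ou=Morgan,o=stooges"   # entry from the posted LDIF

# (target attribute or "*", [(who, level), ...]) in the order they appear.
ACLS = [
    ("userPassword", [("self", "write"), ("anonymous", "auth"),
                      (ADMIN, "write"), ("*", "none")]),
    ("*",            [("self", "write"), (ADMIN, "write"), ("users", "read")]),
]

def who_matches(who, requester, target_dn):
    """Does a 'by' subject match? requester is None for an anonymous client."""
    if who == "*":
        return True
    if who == "anonymous":
        return requester is None
    if who == "users":
        return requester is not None
    if who == "self":
        return requester is not None and requester.lower() == target_dn.lower()
    return requester is not None and requester.lower() == who.lower()  # dn="..."

def granted_level(requester, target_dn, attr):
    """Access level slapd would grant requester on attr of target_dn."""
    for target, by_clauses in ACLS:
        if target != "*" and target.lower() != attr.lower():
            continue
        for who, level in by_clauses:
            if who_matches(who, requester, target_dn):
                return level
        return "none"   # implicit "by * none"
    return "none"       # no access directive matched

def allowed(requester, target_dn, attr, needed):
    """True if the granted level is at least the level the operation needs."""
    return LEVELS.index(granted_level(requester, target_dn, attr)) >= LEVELS.index(needed)

if __name__ == "__main__":
    # anonymous search on uid (uid -> DN lookup done before binding): denied
    print(allowed(None, DOUG, "uid", "search"))
    # simple bind as the full DN needs auth on userPassword: granted to anonymous
    print(allowed(None, DOUG, "userPassword", "auth"))
    # once bound as that DN, reading the own entry's mail attribute: allowed
    print(allowed(DOUG, DOUG, "mail", "read"))
```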