[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Problems with ldapadd
I getting an error with ldapadd: "ldap_bind: Invalid credentials". It
doesn't seem to be as simple as a mistyped password, though there might
be something obvious I'm overlooking. All of the infomation that seems
relevant is shown below, including slapd.conf, output from ldapsearch,
output from ldapadd, and an strace of ldapadd (excuse the odd-looking
pathnames). Hopefully someone who understands the software better than
I do can make something of it:
----------------------- BEGIN slapd.conf ------------------------
include /pkg/openldap/2.0.18/.i686-pc-linux-gnu/.karmak.1/etc/openldap/schema/core.schema
pidfile /pkg/openldap/2.0.18/.i686-pc-linux-gnu/.karmak.1/var/run/slapd.pid
argsfile /pkg/openldap/2.0.18/.i686-pc-linux-gnu/.karmak.1/var/run/slapd.args
database ldbm
suffix "dc=ariel,dc=karmak,dc=org"
rootdn "cn=Manager,dc=ariel,dc=karmak,dc=org"
rootpw secret
directory /pkg/openldap/2.0.18/.i686-pc-linux-gnu/.karmak.1/var/run/openldap-ldbm
--------------------- END slapd.conf -------------------------------
[NOTE: FWIW, I've also tried all of this without the hostname (dc=ariel)
bit in slapd.conf, and got the same results]
------------------ BEGIN ldapsearch output -------------------------
karmak@ariel$ ldapsearch -x -b '' -s base '(objectclass=*)' namingContexts
version: 2
#
# filter: (objectclass=*)
# requesting: namingContexts
#
#
dn:
namingContexts: dc=ariel,dc=karmak,dc=org
# search result
search: 2
result: 0 Success
# numResponses: 2
# numEntries: 1
----------------------- END ldapsearch output ------------------------
------------------------ BEGIN ldapadd output ------------------------
karmak@ariel$ ldapadd -v -d -1 -x -D "cn=Manager,dc=ariel,dc=karmak,dc=org" -w secret
ldap_initialize( <DEFAULT> )
ldap_create
ldap_bind_s
ldap_simple_bind_s
ldap_sasl_bind_s
ldap_sasl_bind
ldap_send_initial_request
ldap_new_connection
ldap_int_open_connection
ldap_connect_to_host: localhost
ldap_new_socket: 4
ldap_prepare_socket: 4
ldap_connect_to_host: Trying 127.0.0.1:389
ldap_connect_timeout: fd: 4 tm: -1 async: 0
ldap_ndelay_on: 4
ldap_is_sock_ready: 4
ldap_ndelay_off: 4
ldap_int_sasl_open: host=ariel.karmak.org
ldap_open_defconn: successful
ldap_send_server_request
ber_flush: 56 bytes to sd 4
0000: 30 36 02 01 01 60 31 02 01 03 04 24 63 6e 3d 4d 06...`1....$cn=M
0010: 61 6e 61 67 65 72 2c 64 63 3d 61 72 69 65 6c 2c anager,dc=ariel,
0020: 64 63 3d 6b 61 72 6d 61 6b 2c 64 63 3d 6f 72 67 dc=karmak,dc=org
0030: 80 06 73 65 63 72 65 74 ..secret
ldap_write: want=56, written=56
0000: 30 36 02 01 01 60 31 02 01 03 04 24 63 6e 3d 4d 06...`1....$cn=M
0010: 61 6e 61 67 65 72 2c 64 63 3d 61 72 69 65 6c 2c anager,dc=ariel,
0020: 64 63 3d 6b 61 72 6d 61 6b 2c 64 63 3d 6f 72 67 dc=karmak,dc=org
0030: 80 06 73 65 63 72 65 74 ..secret
ldap_result msgid 1
ldap_chkResponseList for msgid=1, all=1
ldap_chkResponseList returns NULL
wait4msg (infinite timeout), msgid 1
wait4msg continue, msgid 1, all 1
** Connections:
* host: localhost port: 389 (default)
refcnt: 2 status: Connected
last used: Sun Apr 7 06:30:11 2002
** Outstanding Requests:
* msgid 1, origid 1, status InProgress
outstanding referrals 0, parent count 0
** Response Queue:
Empty
ldap_chkResponseList for msgid=1, all=1
ldap_chkResponseList returns NULL
do_ldap_select
read1msg: msgid 1, all 1
ber_get_next
ldap_read: want=1, got=1
0000: 30 0
ldap_read: want=1, got=1
0000: 0c .
ldap_read: want=12, got=12
0000: 02 01 01 61 07 0a 01 31 04 00 04 00 ...a...1....
ber_get_next: tag 0x30 len 12 contents:
ber_dump: buf=0x08069f78 ptr=0x08069f78 end=0x08069f84 len=12
0000: 02 01 01 61 07 0a 01 31 04 00 04 00 ...a...1....
ldap_read: message type bind msgid 1, original id 1
ber_scanf fmt ({iaa) ber:
ber_dump: buf=0x08069f78 ptr=0x08069f7b end=0x08069f84 len=9
0000: 61 07 0a 01 31 04 00 04 00 a...1....
read1msg: 0 new referrals
read1msg: mark request completed, id = 1
request 1 done
res_errno: 0, res_error: <>, res_matched: <>
ldap_free_request (origid 1, msgid 1)
ldap_free_connection
ldap_free_connection: refcnt 1
ldap_parse_result
ber_scanf fmt ({iaa) ber:
ber_dump: buf=0x08069f78 ptr=0x08069f7b end=0x08069f84 len=9
0000: 61 07 0a 01 31 04 00 04 00 a...1....
ber_scanf fmt (}) ber:
ber_dump: buf=0x08069f78 ptr=0x08069f84 end=0x08069f84 len=0
ldap_msgfree
ldap_perror
ldap_bind: Invalid credentials
------------------------ END ldapadd output -----------------------
----------------------- BEGIN strace output ------------------------
This is somewhat large, so I've made it available on the web instead:
http://karmak.org/2002/04/ldap/strace.txt
------------------------ END strace output -------------------------
Thanks,
m.