[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Re: ldapadd -> ldap_bind: Invalid credentials



You can only authenticate to a DN which is under a suffix.
Your rootdn is not under any suffix.

Kurt

At 06:55 AM 2002-06-08, Subba Rao wrote:
>Thank you for replying.
>
>Nothing in my configuration has changed. I tried the options you and Harry Ruter suggested. The command
>I have tried is:
>
>        ldapadd -x -D "cn=Manager,dc=mydom,dc=com,o=Columbus,c=US" -W -f mydom.ldif
>
>and I stll get the error message:
>        
>        ldap_bind: Invalid credentials
>
>
>Best regards.                           
>Subba Rao
>sailorn@attglobal.net
>2002-06-08
>
>======= At 2002-06-07, 14:06:00 you wrote: =======
>
>>Subba Rao wrote:
>>
>>
>>
>>the cn used in ldapadd is different than the rootdn used in your slapd.conf
>> 
>>you should type:
>>
>>ldapadd -x -D "cn=Manager,dc=mydom,dc=com,o=Columbus,c=US" -W -f mydom.ldif
>>
>>or modify your 
>>rootdn          "cn=Manager,dc=mydom,dc=com,o=Columbus,c=US"
>>in order to have the same cn as wanted in your ldapadd
>>
>>
>>>Hi,
>>>
>>>I have compiled openldap-2.0.23 with the defaults in the "configure"
>>>script. After installing, I created a new password using slappasswd.
>>>I have also created a test LDIF file. Now I am trying to add a record
>>>to the LDIF file. When I use "ldapadd" command I get the error message:
>>>
>>>      ldap_bind: Invalid credentials
>>>
>>>I searched through the archive but the solution suggested was to create
>>>a new passwd and enter it into "slapd.conf". I compiled and reinstalled
>>>openldap and the same problem persists.
>>>
>>>What did I miss here? Could someone please let me know what I need to
>>>do to get this working?
>>>
>>>Thank you in advance.
>>>
>>>Subba Rao
>>>sailorn@attglobal.net
>>>
>>>=====> slappasswd
>>>root@myhost:/usr/local/etc# slappasswd   
>>>New password: 
>>>Re-enter new password: 
>>>{SSHA}kQPZKfiICWXEaMQW7sULANX4uX2c2j52
>>>
>>>=====> slapd.conf
>>># $OpenLDAP: pkg/ldap/servers/slapd/slapd.conf,v 1.8.8.7 2001/09/27 20:00:31 kur
>>>t Exp $
>>>#
>>># See slapd.conf(5) for details on configuration options.
>>># This file should NOT be world readable.
>>>#
>>>include         /usr/local/etc/openldap/schema/core.schema
>>>
>>># Define global ACLs to disable default read access.
>>>
>>># Do not enable referrals until AFTER you have a working directory
>>># service AND an understanding of referrals.
>>>#referral       ldap://root.openldap.org
>>>
>>>pidfile         /usr/local/var/slapd.pid
>>>argsfile        /usr/local/var/slapd.args
>>>
>>># Load dynamic backend modules:
>>># modulepath    /usr/local/libexec/openldap
>>># moduleload    back_ldap.la
>>># moduleload    back_ldbm.la
>>># moduleload    back_passwd.la
>>># moduleload    back_shell.la
>>>
>>>#
>>># Sample Access Control
>>>#       Allow read access of root DSE
>>>#       Allow self write access
>>>#       Allow authenticated users read access
>>>#       Allow anonymous users to authenticate
>>>#
>>>#access to dn="" by * read
>>>#access to *
>>>#       by self write
>>>#       by users read
>>>#       by anonymous auth
>>>#
>>># if no access controls are present, the default is:
>>>#       Allow read by all
>>>#
>>># rootdn can always write!
>>>
>>>#######################################################################
>>># ldbm database definitions
>>>#######################################################################
>>>
>>>database        ldbm
>>>suffix          "dc=mydom,dc=com"
>>>#suffix         "o=My Organization Name,c=US"
>>>rootdn          "cn=Manager,dc=mydom,dc=com,o=Columbus,c=US"
>>>#rootdn         "cn=Manager,o=Columbus,c=US"
>>># Cleartext passwords, especially for the rootdn, should
>>># be avoid.  See slappasswd(8) and slapd.conf(5) for details.
>>># Use of strong authentication encouraged.
>>>rootpw          {SSHA}kQPZKfiICWXEaMQW7sULANX4uX2c2j52
>>># The database directory MUST exist prior to running slapd AND 
>>># should only be accessible by the slapd/tools. Mode 700 recommended.
>>>directory       /usr/local/var/openldap-ldbm
>>># Indices to maintain
>>>index   objectClass     eq
>>>
>>>
>>>
>>>
>>>
>>>=====> test.ldif
>>>bjectclass: dcObject
>>>objectclass: organization
>>>o: Independent Services
>>>dc: mydom
>>>
>>>dn: cn:Manager,dc=mydom,dc=com
>>>objectclass: organizationalRole
>>>cn: Manager
>>>
>>>
>>>
>>>
>>>
>>>=====> ldapadd
>>>root@myhost:/usr/local/etc# ldapadd -x -D "cn=Manager,dc=mydom,dc=com" -W -f mydom.ldif
>>>Enter LDAP Password: 
>>>ldap_bind: Invalid credentials
>>>root@myhost:/usr/local/etc#
>>>
>>>
>>>
>>>
>
>= = = = = = = = = = = = = = = = = = = =
>