
RE: Re: Re: ldapadd -> ldap_bind: Invalid credentials



Remove the part cn=manager from the rootDN
it should be:
	rootdn          "dc=mydom,dc=com,o=Columbus,c=US"

then you can authenticate using the
cn=Manager,dc=mydom,dc=com,o=Columbus,c=US as a user

Dolf Smits


-----Original Message-----
From: Subba Rao [mailto:sailorn@attglobal.net]
Sent: Saturday 8 June 2002 20:32
To: Kurt D. Zeilenga
Cc: openldap
Subject: Re: Re: Re: ldapadd -> ldap_bind: Invalid credentials


Hello,

Thank you for replying.

I do have the following entry in my slapd.conf

	rootdn          "cn=Manager,dc=mydom,dc=com,o=Columbus,c=US"

I am lost with the DN and similar stuff. Where do I learn the key syntax of LDAP?
Since the above entry is in my slapd.conf, why is the system still spewing out the
"Invalid credentials" error message?

The 3 things I would like to do with LDAP are set up authentication for remote VPN users,
mapping the systems on the network, setting up mail (Qmail + LDAP). I don't know the
real use of the 3rd item in my list yet.

Thank you for your patience.


Best regards.				 
Subba Rao
sailorn@attglobal.net
2002-06-08


======= At 2002-06-08, 08:30:00 you wrote: =======

>You can only authenticate to a DN which is under a suffix.
>Your rootdn is not under any suffix.
>
>Kurt
>
>At 06:55 AM 2002-06-08, Subba Rao wrote:
>>Thank you for replying.
>>
>>Nothing in my configuration has changed. I tried the options you and Harry Ruter suggested. The command
>>I have tried is:
>>
>>        ldapadd -x -D "cn=Manager,dc=mydom,dc=com,o=Columbus,c=US" -W -f mydom.ldif
>>
>>and I still get the error message:
>>        
>>        ldap_bind: Invalid credentials
>>
>>
>>Best regards.                           
>>Subba Rao
>>sailorn@attglobal.net
>>2002-06-08
>>
>>======= At 2002-06-07, 14:06:00 you wrote: =======
>>
>>>Subba Rao wrote:
>>>
>>>
>>>
>>>the cn used in ldapadd is different than the rootdn used in your slapd.conf
>>> 
>>>you should type:
>>>
>>>ldapadd -x -D "cn=Manager,dc=mydom,dc=com,o=Columbus,c=US" -W -f mydom.ldif
>>>
>>>or modify your 
>>>rootdn          "cn=Manager,dc=mydom,dc=com,o=Columbus,c=US"
>>>in order to have the same cn as wanted in your ldapadd
>>>
>>>
>>>>Hi,
>>>>
>>>>I have compiled openldap-2.0.23 with the defaults in the "configure"
>>>>script. After installing, I created a new password using slappasswd.
>>>>I have also created a test LDIF file. Now I am trying to add a record
>>>>to the LDIF file. When I use "ldapadd" command I get the error message:
>>>>
>>>>      ldap_bind: Invalid credentials
>>>>
>>>>I searched through the archive but the solution suggested was to create
>>>>a new passwd and enter it into "slapd.conf". I compiled and reinstalled
>>>>openldap and the same problem persists.
>>>>
>>>>What did I miss here? Could someone please let me know what I need to
>>>>do to get this working?
>>>>
>>>>Thank you in advance.
>>>>
>>>>Subba Rao
>>>>sailorn@attglobal.net
>>>>
>>>>=====> slappasswd
>>>>root@myhost:/usr/local/etc# slappasswd   
>>>>New password: 
>>>>Re-enter new password: 
>>>>{SSHA}kQPZKfiICWXEaMQW7sULANX4uX2c2j52
>>>>
>>>>=====> slapd.conf
>>>># $OpenLDAP: pkg/ldap/servers/slapd/slapd.conf,v 1.8.8.7 2001/09/27 20:00:31 kurt Exp $
>>>>#
>>>># See slapd.conf(5) for details on configuration options.
>>>># This file should NOT be world readable.
>>>>#
>>>>include         /usr/local/etc/openldap/schema/core.schema
>>>>
>>>># Define global ACLs to disable default read access.
>>>>
>>>># Do not enable referrals until AFTER you have a working directory
>>>># service AND an understanding of referrals.
>>>>#referral       ldap://root.openldap.org
>>>>
>>>>pidfile         /usr/local/var/slapd.pid
>>>>argsfile        /usr/local/var/slapd.args
>>>>
>>>># Load dynamic backend modules:
>>>># modulepath    /usr/local/libexec/openldap
>>>># moduleload    back_ldap.la
>>>># moduleload    back_ldbm.la
>>>># moduleload    back_passwd.la
>>>># moduleload    back_shell.la
>>>>
>>>>#
>>>># Sample Access Control
>>>>#       Allow read access of root DSE
>>>>#       Allow self write access
>>>>#       Allow authenticated users read access
>>>>#       Allow anonymous users to authenticate
>>>>#
>>>>#access to dn="" by * read
>>>>#access to *
>>>>#       by self write
>>>>#       by users read
>>>>#       by anonymous auth
>>>>#
>>>># if no access controls are present, the default is:
>>>>#       Allow read by all
>>>>#
>>>># rootdn can always write!
>>>>
>>>>#######################################################################
>>>># ldbm database definitions
>>>>#######################################################################
>>>>
>>>>database        ldbm
>>>>suffix          "dc=mydom,dc=com"
>>>>#suffix         "o=My Organization Name,c=US"
>>>>rootdn          "cn=Manager,dc=mydom,dc=com,o=Columbus,c=US"
>>>>#rootdn         "cn=Manager,o=Columbus,c=US"
>>>># Cleartext passwords, especially for the rootdn, should
>>>># be avoid.  See slappasswd(8) and slapd.conf(5) for details.
>>>># Use of strong authentication encouraged.
>>>>rootpw          {SSHA}kQPZKfiICWXEaMQW7sULANX4uX2c2j52
>>>># The database directory MUST exist prior to running slapd AND 
>>>># should only be accessible by the slapd/tools. Mode 700 recommended.
>>>>directory       /usr/local/var/openldap-ldbm
>>>># Indices to maintain
>>>>index   objectClass     eq
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>=====> test.ldif
>>>>bjectclass: dcObject
>>>>objectclass: organization
>>>>o: Independent Services
>>>>dc: mydom
>>>>
>>>>dn: cn:Manager,dc=mydom,dc=com
>>>>objectclass: organizationalRole
>>>>cn: Manager
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>=====> ldapadd
>>>>root@myhost:/usr/local/etc# ldapadd -x -D "cn=Manager,dc=mydom,dc=com" -W -f mydom.ldif
>>>>Enter LDAP Password: 
>>>>ldap_bind: Invalid credentials
>>>>root@myhost:/usr/local/etc#
>>>>
>>>>
>>>>
>>>>
>>
>>= = = = = = = = = = = = = = = = = = = =
>>                        

= = = = = = = = = = = = = = = = = = = =
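
Kurt's point in the thread, that a rootdn must sit under one of its database's suffix values, can be checked mechanically before slapd is started. The following is an added example, not part of the original messages or of OpenLDAP: the function names are hypothetical, DN comparison is simplified, and the sample configuration is constructed from the slapd.conf lines quoted above.

```python
import re
import shlex

# Constructed sample: the database section quoted in this thread.
SAMPLE_CONF = '''
database        ldbm
suffix          "dc=mydom,dc=com"
rootdn          "cn=Manager,dc=mydom,dc=com,o=Columbus,c=US"
'''

def rdns(dn):
    """Split a DN into normalized RDNs (simplified: case-folded, unescaped commas only)."""
    parts = re.split(r'(?<!\\),', dn)
    return [re.sub(r'\s*=\s*', '=', p.strip()).lower() for p in parts if p.strip()]

def is_under(dn, suffix):
    """True if dn equals suffix or is a descendant of it."""
    d, s = rdns(dn), rdns(suffix)
    return len(s) > 0 and len(d) >= len(s) and d[-len(s):] == s

def parse_databases(conf_text):
    """Return one dict per 'database' section (continuation lines are not handled)."""
    dbs = []
    for line in conf_text.splitlines():
        tokens = shlex.split(line, comments=True)  # drops '#' comments, unquotes values
        if not tokens:
            continue
        key = tokens[0].lower()
        if key == "database":
            dbs.append({"suffixes": [], "rootdn": None})
        elif dbs and key == "suffix" and len(tokens) > 1:
            dbs[-1]["suffixes"].append(tokens[1])
        elif dbs and key == "rootdn" and len(tokens) > 1:
            dbs[-1]["rootdn"] = tokens[1]
    return dbs

def check(conf_text, bind_dn=None):
    """List findings: rootdn outside every suffix, or bind DN differing from rootdn."""
    findings = []
    for db in parse_databases(conf_text):
        root = db["rootdn"]
        if root and not any(is_under(root, s) for s in db["suffixes"]):
            findings.append(f"rootdn {root!r} is not under any suffix {db['suffixes']}")
        if root and bind_dn and rdns(bind_dn) != rdns(root):
            findings.append(f"bind DN {bind_dn!r} does not match rootdn {root!r}")
    return findings

if __name__ == "__main__":
    print("\n".join(check(SAMPLE_CONF, "cn=Manager,dc=mydom,dc=com")))
```

Run against the sample, it reports both conditions seen in the thread: the rootdn lies outside the suffix, and the DN passed to `ldapadd -D` in the first message differs from the configured rootdn.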