RE: Re: Re: ldapadd -> ldap_bind: Invalid credentials
Remove the part cn=manager from the rootDN.
It should be:
rootdn "dc=mydom,dc=com,o=Columbus,c=US"
Then you can authenticate using
cn=Manager,dc=mydom,dc=com,o=Columbus,c=US as a user.
Dolf Smits
-----Original Message-----
From: Subba Rao [mailto:sailorn@attglobal.net]
Sent: zaterdag 8 juni 2002 20:32
To: Kurt D. Zeilenga
Cc: openldap
Subject: Re: Re: Re: ldapadd -> ldap_bind: Invalid credentials
Hello,
Thank you for replying.
I do have the following entry in my slapd.conf
rootdn "cn=Manager,dc=mydom,dc=com,o=Columbus,c=US"
I am lost with the DN and similar stuff. Where do I learn the key syntax of LDAP?
Since the above entry is in my slapd.conf, why is the system still spewing out the "Invalid credentials" error message?
The 3 things I would like to do with LDAP are set up authentication for remote VPN users, mapping the systems on the network, setting up mail (Qmail + LDAP). I don't know the real use of the 3rd item in my list yet.
Thank you for your patience.
Best regards.
Subba Rao
sailorn@attglobal.net
2002-06-08
======= At 2002-06-08, 08:30:00 you wrote: =======
>You can only authenticate to a DN which is under a suffix.
>Your rootdn is not under any suffix.
>
>Kurt
>
>At 06:55 AM 2002-06-08, Subba Rao wrote:
>>Thank you for replying.
>>
>>Nothing in my configuration has changed. I tried the options you and Harry Ruter suggested. The command
>>I have tried is:
>>
>> ldapadd -x -D "cn=Manager,dc=mydom,dc=com,o=Columbus,c=US" -W -f mydom.ldif
>>
>>and I still get the error message:
>>
>> ldap_bind: Invalid credentials
>>
>>
>>Best regards.
>>Subba Rao
>>sailorn@attglobal.net
>>2002-06-08
>>
>>======= At 2002-06-07, 14:06:00 you wrote: =======
>>
>>>Subba Rao wrote:
>>>
>>>
>>>
>>>the cn used in ldapadd is different than the rootdn used in your slapd.conf
>>>
>>>you should type:
>>>
>>>ldapadd -x -D "cn=Manager,dc=mydom,dc=com,o=Columbus,c=US" -W -f mydom.ldif
>>>
>>>or modify your
>>>rootdn "cn=Manager,dc=mydom,dc=com,o=Columbus,c=US"
>>>in order to have the same cn as wanted in your ldapadd
>>>
>>>
>>>>Hi,
>>>>
>>>>I have compiled openldap-2.0.23 with the defaults in the "configure"
>>>>script. After installing, I created a new password using slappasswd.
>>>>I have also created a test LDIF file. Now I am trying to add a record
>>>>to the LDIF file. When I use "ldapadd" command I get the error message:
>>>>
>>>> ldap_bind: Invalid credentials
>>>>
>>>>I searched through the archive but the solution suggested was to create
>>>>a new passwd and enter it into "slapd.conf". I compiled and reinstalled
>>>>openldap and the same problem persists.
>>>>
>>>>What did I miss here? Could someone please let me know what I need to
>>>>do to get this working?
>>>>
>>>>Thank you in advance.
>>>>
>>>>Subba Rao
>>>>sailorn@attglobal.net
>>>>
>>>>=====> slappasswd
>>>>root@myhost:/usr/local/etc# slappasswd
>>>>New password:
>>>>Re-enter new password:
>>>>{SSHA}kQPZKfiICWXEaMQW7sULANX4uX2c2j52
>>>>
>>>>=====> slapd.conf
>>>># $OpenLDAP: pkg/ldap/servers/slapd/slapd.conf,v 1.8.8.7 2001/09/27 20:00:31 kurt Exp $
>>>>#
>>>># See slapd.conf(5) for details on configuration options.
>>>># This file should NOT be world readable.
>>>>#
>>>>include /usr/local/etc/openldap/schema/core.schema
>>>>
>>>># Define global ACLs to disable default read access.
>>>>
>>>># Do not enable referrals until AFTER you have a working directory
>>>># service AND an understanding of referrals.
>>>>#referral ldap://root.openldap.org
>>>>
>>>>pidfile /usr/local/var/slapd.pid
>>>>argsfile /usr/local/var/slapd.args
>>>>
>>>># Load dynamic backend modules:
>>>># modulepath /usr/local/libexec/openldap
>>>># moduleload back_ldap.la
>>>># moduleload back_ldbm.la
>>>># moduleload back_passwd.la
>>>># moduleload back_shell.la
>>>>
>>>>#
>>>># Sample Access Control
>>>># Allow read access of root DSE
>>>># Allow self write access
>>>># Allow authenticated users read access
>>>># Allow anonymous users to authenticate
>>>>#
>>>>#access to dn="" by * read
>>>>#access to *
>>>># by self write
>>>># by users read
>>>># by anonymous auth
>>>>#
>>>># if no access controls are present, the default is:
>>>># Allow read by all
>>>>#
>>>># rootdn can always write!
>>>>
>>>>#######################################################################
>>>># ldbm database definitions
>>>>#######################################################################
>>>>
>>>>database ldbm
>>>>suffix "dc=mydom,dc=com"
>>>>#suffix "o=My Organization Name,c=US"
>>>>rootdn "cn=Manager,dc=mydom,dc=com,o=Columbus,c=US"
>>>>#rootdn "cn=Manager,o=Columbus,c=US"
>>>># Cleartext passwords, especially for the rootdn, should
>>>># be avoid. See slappasswd(8) and slapd.conf(5) for details.
>>>># Use of strong authentication encouraged.
>>>>rootpw {SSHA}kQPZKfiICWXEaMQW7sULANX4uX2c2j52
>>>># The database directory MUST exist prior to running slapd AND
>>>># should only be accessible by the slapd/tools. Mode 700 recommended.
>>>>directory /usr/local/var/openldap-ldbm
>>>># Indices to maintain
>>>>index objectClass eq
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>=====> test.ldif
>>>>bjectclass: dcObject
>>>>objectclass: organization
>>>>o: Independent Services
>>>>dc: mydom
>>>>
>>>>dn: cn:Manager,dc=mydom,dc=com
>>>>objectclass: organizationalRole
>>>>cn: Manager
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>=====> ldapadd
>>>>root@myhost:/usr/local/etc# ldapadd -x -D "cn=Manager,dc=mydom,dc=com" -W -f mydom.ldif
>>>>Enter LDAP Password:
>>>>ldap_bind: Invalid credentials
>>>>root@myhost:/usr/local/etc#
>>>>
>>>>
>>>>
>>>>
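
The rule Kurt states in the quoted reply above (you can only authenticate to a DN that is under a suffix), written as a check over a slapd.conf. This is an added example, not part of the original thread; the function names and the placeholder rootpw value are assumptions, and the parser handles one directive per line without continuation lines or include files.

```python
import re

# Constructed sample: the database section quoted in the thread,
# with the rootpw hash replaced by a placeholder.
SAMPLE_CONF = '''\
database ldbm
suffix "dc=mydom,dc=com"
#suffix "o=My Organization Name,c=US"
rootdn "cn=Manager,dc=mydom,dc=com,o=Columbus,c=US"
rootpw {SSHA}PLACEHOLDER
'''

def split_dn(dn):
    """Split a DN into (attr, value) RDN pairs, lowercased for comparison."""
    pairs = []
    for rdn in re.split(r'(?<!\\),', dn):   # do not split on escaped commas
        attr, _, value = rdn.partition('=')
        pairs.append((attr.strip().lower(), value.strip().lower()))
    return pairs

def is_under(dn, suffix):
    """True if dn equals suffix or lies below it (suffix is the DN's tail)."""
    d, s = split_dn(dn), split_dn(suffix)
    return len(d) >= len(s) and d[len(d) - len(s):] == s

def check_rootdns(conf_text):
    """Return [(rootdn, suffixes)] for databases whose rootdn is under no suffix."""
    problems, suffixes, rootdn = [], [], None

    def flush():
        if rootdn and not any(is_under(rootdn, s) for s in suffixes):
            problems.append((rootdn, suffixes))

    for line in conf_text.splitlines():
        parts = line.split(None, 1)
        if len(parts) < 2 or parts[0].startswith('#'):
            continue
        key, value = parts[0].lower(), parts[1].strip().strip('"')
        if key == 'database':      # a new database section starts
            flush()
            suffixes, rootdn = [], None
        elif key == 'suffix':
            suffixes.append(value)
        elif key == 'rootdn':
            rootdn = value
    flush()
    return problems

if __name__ == '__main__':
    for dn, sfx in check_rootdns(SAMPLE_CONF):
        print(f'rootdn {dn!r} is not under any suffix {sfx}')
```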