
Re: confused: after PADL migration, can only search as Manager?



Mon, 2003-01-20 at 20:39, Brian K. Jones wrote:

> Here's what I'm getting:
> 
>  > ldapsearch -L -W -D "uid=jonesy,ou=People,dc=my,dc=domain,dc=com"
> 'uid=jonesy' -x
> ldap_bind: Invalid credentials (49)
>  >

> However, if I use "cn=Manager,dc=my,dc=domain,dc=com" everything is fine
> - using all of the same flags and everything.  

> How does LDAP check if you're a valid user?  Does it not use the
> password that's in the user's entry in the directory itself?  The
> authentication stuff is really cloudy for me right now, so excuse my
> ignorance.  

It uses the dn. From your example, I'd guess you are using cn for the
first dn rdn, with uid as a complementary attribute. slapd will not
verify the node this way. If you use the uid instead of cn in the dn, it
will. But to my mind, this is not a Good Idea, nor does it agree with
the relevant RFC(s) (haven't the number in my head, but they're all
packed with the OpenLDAP tar distros).

Best,

Tony

-- 

Tony Earnshaw

When all's said and done ...
there's nothing left to say or do.

e-mail:		tonni@billy.demon.nl
www:		http://www.billy.demon.nl
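
Added example, not part of the original message: a toy model of the point in the reply that a simple bind is checked against the entry named by the bind DN, never by searching attributes. The directory contents, the entry name `cn=Brian Jones,...` and the helper names are assumptions made for illustration; the usual remedy shown is to search for the entry by uid first and then bind with the DN that search returns.

```python
import hmac

INVALID_CREDENTIALS = 49  # LDAP resultCode invalidCredentials, as in the error above
SUCCESS = 0

def norm_dn(dn):
    """Crude DN normalisation: lower-case and trim each RDN (no escape handling)."""
    return ",".join(part.strip().lower() for part in dn.split(","))

# Constructed sample data. The entry is *named* by cn; uid is only an
# attribute inside it. The password is kept in clear text to keep the toy short.
DIRECTORY = {
    norm_dn("cn=Brian Jones,ou=People,dc=my,dc=domain,dc=com"): {
        "cn": ["Brian Jones"], "uid": ["jonesy"], "userPassword": "s3cret",
    },
}

def simple_bind(dn, password):
    """Simple bind: the DN must name an existing entry whose password matches."""
    entry = DIRECTORY.get(norm_dn(dn))
    # A missing entry and a wrong password return the same code, so the
    # response does not reveal which DNs exist in the tree.
    if entry is None or not hmac.compare_digest(entry["userPassword"], password):
        return INVALID_CREDENTIALS
    return SUCCESS

def find_dn(attr, value):
    """Search step: resolve an attribute value to the real DN of the entry."""
    hits = [dn for dn, e in DIRECTORY.items() if value in e.get(attr, [])]
    return hits[0] if len(hits) == 1 else None  # refuse ambiguous matches

def login(uid, password):
    """Search-then-bind: look the DN up by uid, then bind as that DN."""
    dn = find_dn("uid", uid)
    return INVALID_CREDENTIALS if dn is None else simple_bind(dn, password)

if __name__ == "__main__":
    guessed = "uid=jonesy,ou=People,dc=my,dc=domain,dc=com"
    print("bind with guessed DN:", simple_bind(guessed, "s3cret"))
    print("resolved DN:         ", find_dn("uid", "jonesy"))
    print("search-then-bind:    ", login("jonesy", "s3cret"))
```
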