
ugh. Can't get OpenLDAP to auth users - only Manager.



Hi,

I'm just getting started with OpenLDAP, and I must be a raging moron,
because I don't see others having the issues I'm having, and oddly, I
haven't seen this really addressed in all of my reading.  I'm following
very simple instructions, and it doesn't work.

I simply want the ability to perform an ldapsearch, as someone other
than 'Manager', using a password.  So here's an example command I'm
using:

ldapsearch -x -h ldap.my.domain.com -D 'uid=jonesy,ou=People,dc=my,dc=domain,dc=com' -W \
    -b 'ou=People,dc=my,dc=domain,dc=com' "(objectclass=*)"

I've tried multiple variations on the above, changing the base to the
basedn didn't work and is what I usually try first.

This returns 'ldap_bind: Invalid credentials'.  

Here's my entry in the LDIF output when I do an ldapsearch as 'Manager':

dn: uid=jonesy,ou=People,dc=my,dc=domain,dc=com
uid: jonesy
cn: Brian K. Jones
objectClass: account
objectClass: posixAccount
objectClass: top
userPassword:: e2NyeXB0fU9ORW (It's a hash - I improvised)
loginShell: /bin/bash
uidNumber: 3025
gidNumber: 34
homeDirectory: /home/jonesy
gecos: Brian K. Jones

So my password is in there, and I know my password at least!  However,
LDAP doesn't like me or something :-o  

Here's my slapd.conf:
========================================
include         /opt/local/etc/openldap/schema/core.schema
include         /opt/local/etc/openldap/schema/cosine.schema
include         /opt/local/etc/openldap/schema/inetorgperson.schema
include         /opt/local/etc/openldap/schema/nis.schema
include         /opt/local/etc/openldap/schema/misc.schema

pidfile         /opt/local/var/slapd.pid
argsfile        /opt/local/var/slapd.args

access to *
        by * read
        by anonymous auth
        by users read

loglevel 256
#######################################################################
# ldbm database definitions
#######################################################################

database        bdb
suffix          "dc=my,dc=domain,dc=com"
rootdn          "cn=Manager,dc=my,dc=domain,dc=com"
rootpw          {SSHA}OY68bOv
directory       /opt/local/var/openldap-data
index   objectClass     eq
====================================================

And here's my openldap/ldap.conf
====================================================
HOST    ldap.my.domain.com
BASE    dc=my,dc=domain,dc=com
====================================================

What is it that I've forgotten to do?
Thanks for your patience.
brian
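How slapd actually checks a userPassword value on a simple bind, as an added example that is not code from the original post or from the OpenLDAP project. It re-implements the {SSHA} and {SHA} schemes (RFC 2307 style, the same layout slappasswd produces) in Python; the passwords and salts are constructed for the example, since the poster's {crypt} value and the rootpw in the posted slapd.conf are both truncated and cannot be used. {CRYPT} and {MD5} are deliberately not handled.

```python
"""Check a candidate password against an LDAP userPassword value.

Added example (not from the original post or from OpenLDAP): a re-implementation
of how slapd verifies the {SSHA} and {SHA} schemes on a simple bind.  Values are
RFC 2307 style: "{SCHEME}" + base64(digest [+ salt]).  All sample values used
here are constructed for this example.
"""
import base64
import binascii
import hashlib
import hmac
import os
from typing import Optional, Tuple


def make_ssha(password: str, salt: Optional[bytes] = None) -> str:
    """Build an {SSHA} value as slappasswd -h {SSHA} does: base64(sha1(pw || salt) || salt)."""
    if salt is None:
        salt = os.urandom(4)          # slappasswd uses a short random salt
    digest = hashlib.sha1(password.encode("utf-8") + salt).digest()
    return "{SSHA}" + base64.b64encode(digest + salt).decode("ascii")


def make_sha(password: str) -> str:
    """Build an unsalted {SHA} value (weak: identical passwords give identical hashes)."""
    digest = hashlib.sha1(password.encode("utf-8")).digest()
    return "{SHA}" + base64.b64encode(digest).decode("ascii")


def check_userpassword(stored: str, candidate: str) -> bool:
    """Return True if candidate matches stored, for {SSHA}, {SHA} and cleartext values.

    Mirrors slapd's behaviour: the scheme tag selects the algorithm, the rest is
    base64 of the digest (followed by the salt for {SSHA}).  Unknown schemes such
    as {CRYPT} or {MD5} return False here rather than guessing.
    """
    if not stored.startswith("{"):
        # No scheme tag: slapd compares the cleartext value directly.
        return hmac.compare_digest(stored.encode("utf-8"), candidate.encode("utf-8"))
    scheme, _, encoded = stored.partition("}")
    scheme = scheme[1:].upper()
    try:
        raw = base64.b64decode(encoded, validate=True)
    except (ValueError, binascii.Error):
        return False                  # a malformed value can never match
    pw = candidate.encode("utf-8")
    if scheme == "SSHA":
        if len(raw) <= 20:            # 20-byte SHA-1 digest plus at least one salt byte
            return False
        digest, salt = raw[:20], raw[20:]
        return hmac.compare_digest(hashlib.sha1(pw + salt).digest(), digest)
    if scheme == "SHA":
        return hmac.compare_digest(hashlib.sha1(pw).digest(), raw)
    return False


def decode_ldif_value(line: str) -> Tuple[str, str]:
    """Split one LDIF attribute line; a '::' separator means the value is base64.

    ldapsearch base64-encodes userPassword on output, which is why the posted
    LDIF shows 'userPassword::'.  A base64 value whose length is not a multiple
    of 4 (for example one truncated by hand) raises binascii.Error.
    """
    if ":: " in line:
        attr, value = line.split(":: ", 1)
        return attr, base64.b64decode(value, validate=True).decode("utf-8")
    attr, value = line.split(": ", 1)
    return attr, value


if __name__ == "__main__":
    entry = make_ssha("correct horse")   # constructed sample password
    print(entry)
    print(check_userpassword(entry, "correct horse"), check_userpassword(entry, "wrong"))
```

A practical consequence of the code path above: a stored value that is truncated, not valid base64, or carries a scheme slapd does not know can only ever yield "Invalid credentials", however correct the typed password is, so the first thing to verify on a bind failure is that the stored value round-trips through this check.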
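The ACL in the posted slapd.conf deserves a look independently of the bind failure. slapd evaluates the `by` clauses of an `access to` directive top to bottom and stops at the first clause whose <who> matches, and every access level implies all lower ones (none < disclose < auth < compare < search < read < write < manage). With `by * read` first, the `by anonymous auth` and `by users read` clauses are never reached, and anonymous requesters can read every attribute, userPassword hashes included; because `read` implies `auth`, this ordering does not by itself cause the "Invalid credentials" error. The following is an added example, not code from the original post or from OpenLDAP: a small linter for that first-match pitfall, run over the posted ACL and over a conventional hardened ordering, both embedded as constructed input. The parser handles only the plain `access to <what> by <who> <level>` form used in the post.

```python
"""Lint slapd.conf 'access to' directives for the first-match pitfall.

Added example (not from the original post or from OpenLDAP).  slapd evaluates
the 'by' clauses of an access directive top to bottom and stops at the first
one whose <who> matches (unless that clause ends in 'continue' or 'break'),
and each access level implies every lower one.  The parser understands only
the plain 'access to <what> by <who> <level>' form; both configs below are
constructed inputs for this example.
"""
from typing import Dict, List, Optional

LEVELS = ["none", "disclose", "auth", "compare", "search", "read", "write", "manage"]
CONTROLS = {"stop", "continue", "break"}

# The ACL from the posted slapd.conf, as written.
POSTED_ACL = """\
access to *
        by * read
        by anonymous auth
        by users read
"""

# A conventional ordering (constructed for this example): the password
# attribute first, most specific <who> first, an explicit default last.
HARDENED_ACL = """\
access to attrs=userPassword
        by self write
        by anonymous auth
        by * none

access to *
        by users read
        by * none
"""


def parse_access_directives(conf: str) -> List[Dict]:
    """Return [{'what': str, 'by': [{'who', 'level', 'control'}, ...]}, ...]."""
    logical: List[str] = []
    for raw in conf.splitlines():
        if not raw.strip() or raw.lstrip().startswith("#"):
            continue
        if raw[0] in " \t" and logical:
            logical[-1] += " " + raw.strip()   # slapd.conf: leading blank = continuation
        else:
            logical.append(raw.strip())

    directives = []
    for line in logical:
        tokens = line.split()
        if tokens[:2] != ["access", "to"] or "by" not in tokens:
            continue
        first_by = tokens.index("by")
        groups: List[List[str]] = []
        for tok in tokens[first_by:]:
            if tok == "by":
                groups.append([])
            else:
                groups[-1].append(tok)
        clauses = []
        for g in groups:
            if not g:
                continue
            level = g[1] if len(g) > 1 and g[1] not in CONTROLS else None
            control = g[-1] if g[-1] in CONTROLS else "stop"   # default control is stop
            clauses.append({"who": g[0], "level": level, "control": control})
        directives.append({"what": " ".join(tokens[2:first_by]), "by": clauses})
    return directives


def level_rank(level: Optional[str]) -> int:
    """Position in the access-level ladder; unknown or missing levels rank lowest."""
    return LEVELS.index(level) if level in LEVELS else -1


def covers_userpassword(what: str) -> bool:
    """True unless the <what> restricts attributes to a list that omits userPassword."""
    for tok in what.split():
        if tok.lower().startswith("attrs="):
            return "userpassword" in tok.lower()
    return True


def lint_acl(conf: str) -> List[str]:
    """Report unreachable clauses and anonymous access above 'auth' to userPassword."""
    findings = []
    for d in parse_access_directives(conf):
        clauses, n = d["by"], len(d["by"])
        for idx, c in enumerate(clauses):
            pos = idx + 1
            if c["who"] == "*" and c["control"] == "stop" and pos < n:
                later = f"clause {n} is" if pos + 1 == n else f"clauses {pos + 1}-{n} are"
                findings.append(
                    f"access to {d['what']}: clause {pos} 'by * {c['level']}' matches every "
                    f"requester, so {later} never evaluated")
            if (c["who"] in ("*", "anonymous") and covers_userpassword(d["what"])
                    and level_rank(c["level"]) > LEVELS.index("auth")):
                findings.append(
                    f"access to {d['what']}: clause {pos} grants anonymous '{c['level']}' on "
                    f"userPassword, so password hashes can be read without binding")
    return findings


if __name__ == "__main__":
    for name, conf in (("posted", POSTED_ACL), ("hardened", HARDENED_ACL)):
        print(name, lint_acl(conf) or ["no findings"])
```

In the hardened ordering, `by self write` lets a bound user change only their own password, `by anonymous auth` lets an unauthenticated client use the attribute for the bind itself and nothing more, and the trailing `by * none` makes the default explicit; the second directive then grants directory-wide read only to authenticated users.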