[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: ugh. Can't get OpenLDAP to auth users - only Manager.



I stand corrected... the letters 'ONE' are, coincidentally, the first
three letters of my encrypted YP password.  Still lost - but less so
now.


On Wed, 2003-01-22 at 12:50, Darren Gamble wrote:
> Good day,
> 
> > Here's my entry in the ldif output when I do an ldapsearch as 
> > 'Manager'
> > 
> > dn: uid=jonesy,ou=People,dc=my,dc=domain,dc=com
> > uid: jonesy
> > cn: Brian K. Jones
> > objectClass: account
> > objectClass: posixAccount
> > objectClass: top
> > userPassword:: e2NyeXB0fU9ORW (It's a hash - I improvised)
> > loginShell: /bin/bash
> > uidNumber: 3025
> > gidNumber: 34
> > homeDirectory: /home/jonesy
> > gecos: Brian K. Jones
> > 
> > So my password is in there, and I know my password at least!  However,
> > LDAP doesn't like me or something :-o  
> 
> You're doing everything right, but, you just didn't crypt your password
> properly.  The message that the LDAP server is returning is simply telling
> you that your username and password combination isn't right. 
> 
> The userPassword value you put in is "{crypt}ONE", that is, a password that
> crypts to the crypted string "ONE", which won't work at all.  Note that I
> got this from base64-decoding the value.
> 
> You can store the password as plain text for testing (i.e. just "ONE" and
> not "{crypt}ONE"), but for further use you probably want to get some more
> information about how to properly make hashed passwords.
> 
> HTH,
> 
> ============================
> Darren Gamble
> Planner, Regional Services
> Shaw Cablesystems GP
> 630 - 3rd Avenue SW
> Calgary, Alberta, Canada
> T2P 4L4
> (403) 781-4948
-- 

Brian K. Jones
System Administrator
Dept. of Computer Science, Princeton University
jonesy@cs.princeton.edu
http://www.linuxlaboratory.org
http://phat.sourceforge.net
Voice: (609) 258-6080