[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Still I am uanble to execute ldapsearch
Dear Chee Wai & Kend,
I tried the option -x & -W which you had given to me, But again I got the
following error.
[root@devserv shreedhar]# /usr/local/bin/ldapsearch -n -h localhost -p
389 -D
"cn=stixen.co.uk, c=uk" -b "o=stixen.co.uk, o=uk" -x -W 'ojectclass=*'
Enter LDAP Password:
ldap_bind: Invalid credentials (49)
Thanks and Regards,
Sreedhar
----- Original Message -----
From: "Chee Wai Yeung" <cheewai_yeung2003@yahoo.com.hk>
To: "shreedhar" <shreedhar@lucidindia.net>
Sent: Thursday, May 29, 2003 8:42 PM
Subject: Re: Still I am uanble to execute ldapsearch
> Should also use -x (simple authentication, ie. plain
> text) and -W (ask for rootdn password)
>
> ldapsearch -n -h localhost -p 389 -D "....." -b
> "....." -x -W 'objectclass=*'
>
> Chee Wai
>
> --- shreedhar <shreedhar@lucidindia.net> wrote:
> > * If I try to Search
> > [root@devserv /]# /usr/local/bin/ldapsearch -n -h
> > localhost -p 389 -D "cn=stix
> > en.co.uk, c=uk" -b "o=stixen.co.uk, o=uk"
> > 'ojectclass=*'
> > SASL/DIGEST-MD5 authentication started
> > Please enter your password:secret (given by me)
> > ldap_sasl_interactive_bind_s: Internal
> > (implementation specific) error (80)
> > additional info: SASL(-13): user not found:
> > no secret in database
> >
> > May I know where I am going wrong. . I went through
> > www.openldap.org documentation file, there is no
> > proper explanation that how to add data and search.
> > The following is slapd.conf file and error
> > information which I got.
> >
> > My slapd.conf file is following.
> >
> > # $OpenLDAP: pkg/ldap/servers/slapd/slapd.conf,v
> > 1.23.2.7 2003/03/24 03:54:12 kurt Exp $
> > #
> > # See slapd.conf(5) for details on configuration
> > options.
> > # This file should NOT be world readable.
> > #
> > include /usr/local/etc/openldap/schema/core.schema
> > include
> > /usr/local/etc/openldap/schema/openldap.schema
> >
> > #include /usr/local/etc/openldap/slapd.at.conf
> > #include /usr/local/etc/openldap/slapd.oc.conf
> >
> > # Define global ACLs to disable default read access.
> >
> > # Do not enable referrals until AFTER you have a
> > working directory
> > # service AND an understanding of referrals.
> > # referral ldap://root.openldap.org
> >
> > pidfile /usr/local/var/slapd.pid
> > argsfile /usr/local/var/slapd.args
> >
> > # Load dynamic backend modules:
> > modulepath /usr/local/libexec/openldap
> > moduleload back_bdb.la
> > moduleload back_ldap.la
> > moduleload back_ldbm.la
> > moduleload back_passwd.la
> > moduleload back_shell.la
> >
> > # Sample security restrictions
> > #
> > # Disallow clear text exchange of passwords
> > disallow bind_simple_unprotected
> > #
> > # Require integrity protection (prevent hijacking)
> > # Require 112-bit (3DES or better) encryption for
> > updates
> > # Require 63-bit encryption for simple bind
> > security ssf=1 update_ssf=112 simple_bind=64
> >
> > # Sample access control policy:
> > # Root DSE: allow anyone to read it
> > # Subschema (sub)entry DSE: allow anyone to read it
> > # Other DSEs:
> > # Allow self write access
> > # Allow authenticated users read access
> > # Allow anonymous users to authenticate
> > # Directives needed to implement policy:
> > # access to dn.base="" by * read
> > # access to dn.base="cn=Subschema" by * read
> > # access to *
> > # by self write
> > # by users read
> > # by anonymous auth
> > #
> > # if no access controls are present, the default
> > policy is:
> > # Allow read by all
> > #
> > # rootdn can always write!
> >
> >
> #######################################################################
> > # ldbm database definitions
> >
> #######################################################################
> >
> > database bdb
> > suffix "dc=my-domain,dc=com"
> > rootdn "cn=Manager,dc=my-domain,dc=com"
> > # Cleartext passwords, especially for the rootdn,
> > should
> > # be avoid. See slappasswd(8) and slapd.conf(5) for
> > details.
> > # Use of strong authentication encouraged.
> >
> > rootpw secret
> > # The database directory MUST exist prior to running
> > slapd AND
> > # should only be accessible by the slapd and slap
> > tools.
> > # Mode 700 recommended.
> > directory /var/local/stixen
> > # Indices to maintain
> >
> >
> > * If I try to add
> > [root@devserv openldap]# /usr/local/bin/ldapadd -n
> > -h localhost -p 389 -D "cn=root, o=stixen.co.uk,
> > c=uk" -w secret -f test.ldif
> > !adding new entry "o=stixen.co.uk, c=uk"
> >
> > Where my test.ldif is
> >
> > dn: o=stixen.co.uk, c=uk
> >
> > o: stixen.co.uk
> >
> > objectclass: top
> >
> > objectclass: organization
> > * If I try to Search
> > [root@devserv /]# /usr/local/bin/ldapsearch -n -h
> > localhost -p 389 -D "cn=stix
> > en.co.uk, c=uk" -b "o=stixen.co.uk, o=uk"
> > 'ojectclass=*'
> > SASL/DIGEST-MD5 authentication started
> > Please enter your password:secret
> > ldap_sasl_interactive_bind_s: Internal
> > (implementation specific) error (80)
> > additional info: SASL(-13): user not found:
> > no secret in database
> >
> >
> > Thanks & Regards,
> > Sreedhar
> >
> >
> >
> >
> >
> > Our greatest happiness in life does not depend on
> > the condition of life in which chance has placed us,
> > but is always the result of good conscience, good
> > health, occupation, and freedom in all just pursuits
> >
>
>
> __________________________________
> Do you Yahoo!?
> Yahoo! Calendar - Free online calendar with sync to Outlook(TM).
> http://calendar.yahoo.com
>