[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: ldapadd : ldap_bind - Invalid credentials (49)
Hi,
your islapd.conf says:
suffix "dc=my-domain,dc=com"
rootdn "cn=Manager,dc=my-domain,dc=com"
rootpw secret
Yet you try to add something under dc=example,dc=com
with an authentication ID of cn=Manager,dc=example,dc=com
(which your slapd does not know anything about.
That is not consistent.
Peter
On Saturday 13 December 2003 22:20, Kevin Newman wrote:
> I've just installed OpenLDAP 2.1.25 on W2K \ Cygwin. I've searched
> through the mailing lists and read the OpenLDAP 2.1 Administrator's
> Guide but I must be missing some vital information becuase I can't get
> past:
>
> $ ldapadd -x -D "cn=Manager,dc=example,dc=com" -W -f example.ldif
> Enter LDAP Password:
> ldap_bind: Server is unwilling to perform (53)
> additional info: unauthenticated bind (DN with no password)
> disallowed
>
> If I use no password
>
> or
>
> $ ldapadd -x -D "cn=Manager,dc=example,dc=com" -W -f example.ldif
> Enter LDAP Password:
> ldap_bind: Invalid credentials (49)
>
> If I use secret as the password
>
> When attempting to do a ldapadd. I'm using the example unchanged from
> the admin guide, but am not having success in performing an ldapadd.
>
> Any suggestions?
>
> Thanks,
>
> Kevin Newman
>
> Here is my example.ldif (all white space have been trimmed)
> ==================================
> dn: dc=example,dc=com
> objectclass: dcObject
> objectclass: organization
> o: Example Company
> dc: example
>
> dn: cn=Manager,dc=example,dc=com
> objectclass: organizationalRole
> cn: Manager
> =================================
>
> Here is my slapd.conf file
> # $OpenLDAP: pkg/ldap/servers/slapd/slapd.conf,v 1.23.2.8 2003/05/24
> 23:19:14 kurt Exp $
> #
> # See slapd.conf(5) for details on configuration options.
> # This file should NOT be world readable.
> #
> include /usr/local/etc/openldap/schema/core.schema
>
> # Define global ACLs to disable default read access.
>
> # Do not enable referrals until AFTER you have a working directory
> # service AND an understanding of referrals.
> #referral ldap://root.openldap.org
>
> pidfile /usr/local/var/slapd.pid
> argsfile /usr/local/var/slapd.args
>
> # Load dynamic backend modules:
> # modulepath /usr/local/libexec/openldap
> # moduleload back_bdb.la
> # moduleload back_ldap.la
> # moduleload back_ldbm.la
> # moduleload back_passwd.la
> # moduleload back_shell.la
>
> # Sample security restrictions
> # Require integrity protection (prevent hijacking)
> # Require 112-bit (3DES or better) encryption for updates
> # Require 63-bit encryption for simple bind
> # security ssf=1 update_ssf=112 simple_bind=64
>
> # Sample access control policy:
> # Root DSE: allow anyone to read it
> # Subschema (sub)entry DSE: allow anyone to read it
> # Other DSEs:
> # Allow self write access
> # Allow authenticated users read access
> # Allow anonymous users to authenticate
> # Directives needed to implement policy:
> # access to dn.base="" by * read
> # access to dn.base="cn=Subschema" by * read
> # access to *
> # by self write
> # by users read
> # by anonymous auth
> #
> # if no access controls are present, the default policy is:
> # Allow read by all
> #
> # rootdn can always write!
>
> #######################################################################
> # ldbm database definitions
> #######################################################################
>
> database bdb
> suffix "dc=my-domain,dc=com"
> rootdn "cn=Manager,dc=my-domain,dc=com"
> # Cleartext passwords, especially for the rootdn, should
> # be avoid. See slappasswd(8) and slapd.conf(5) for details.
> # Use of strong authentication encouraged.
> rootpw secret
> # The database directory MUST exist prior to running slapd AND
> # should only be accessible by the slapd and slap tools.
> # Mode 700 recommended.
> directory /usr/local/var/openldap-data
> # Indices to maintain
> index objectClass eq
>
> System Info:
>
> Cygwin Win95/NT Configuration Diagnostics
> Current System Time: Sat Dec 13 13:27:59 2003
>
> Windows 2000 Professional Ver 5.0 Build 2195 Service Pack 3
> <some deleted>
> Cygwin DLL version info:
> DLL version: 1.5.5
> DLL epoch: 19
> DLL bad signal mask: 19005
> DLL old termios: 5
> DLL malloc env: 28
> API major: 0
> API minor: 94
> Shared data: 3
> DLL identifier: cygwin1
> Mount registry: 2
> Cygnus registry name: Cygnus Solutions
> Cygwin registry name: Cygwin
> Program options name: Program Options
> Cygwin mount registry name: mounts v2
> Cygdrive flags: cygdrive flags
> Cygdrive prefix: cygdrive prefix
> Cygdrive default prefix:
> Build date: Sat Sep 20 16:31:15 EDT 2003
> CVS tag: cr-0x9b
> Shared id: cygwin1S3
--
Peter Marschall
eMail: peter@adpm.de