[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: ldap_bind: Invalid credentials (49)
--On Sunday, August 28, 2005 11:38 AM -0400 alpnet99@netscape.net wrote:
I'm new to LDAP and just playing around with it. I'm trying to figure
out why ldapsearch fails with the above error when I activate a simple
ACL.
# ldapsearch -x -b 'dc=test,dc=com' -D
# 'mail=Michelle@test.com,ou=michelle,dc=test,dc=com' -w pass123
ldap_bind: Invalid credentials (49)
access to *
by users read
# by * read
# uncommenting above line allows ldapsearch to bind OK with
# the *correct* passwd ??
-----
Your ACL rule above only lets authenticated users read the DB. Since your
initial connection isn't authenticated yet, it cannot read the user
password attribute, so the bind fails.
You probably want something like:
access to userPassword
by anonymous auth
by self read
access to *
by users read
or something like that. Don't quote me on it, because I don't support
passwords in my DB. ;)
--Quanah
--
Quanah Gibson-Mount
Principal Software Developer
ITSS/Shared Services
Stanford University
GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html
"These censorship operations against schools and libraries are stronger
than ever in the present religio-political climate. They often focus on
fantasy and sf books, which foster that deadly enemy to bigotry and blind
faith, the imagination." -- Ursula K. Le Guin