[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Single User Authentication



At 03:44 PM 2/6/2006, Alexander Hartner wrote:
>I now changed it to :
>
>access to dn.subtree="ou=people,o=j2anywhere,c=com"
>  by dn.one="cn=addressbook,o=j2anywhere,c=com" write
>  by * auth
>
>Yet I still get either error. Am I correct in assuming that because I  
>used a MD5 hashed password that I can savely ignore the -x flag.

No.

>To  
>be honest i am not sure which is the correct error. I think that the  
>second error message is the right one as I am not correctly  
>authentication (without the -x) in the first one. If you have any  
>further information please let me know.
>
>bumblebee ~ # ldapsearch -D "cn=addressbook,o=j2anywhere,c=com"  -w  
>password -x  -v -h 192.168.0.3
>ldap_initialize( ldap://192.168.0.3 )
>ldap_bind: Invalid credentials (49)

This error is discussed in the FAQ:
   http://www.openldap.org/faq/index.cgi?file=231 

>bumblebee ~ # ldapsearch -D "cn=addressbook,o=j2anywhere,c=com"  -w  
>password -v -h 192.168.0.3
>ldap_initialize( ldap://192.168.0.3 )
>ldap_sasl_interactive_bind_s: No such object (32)
>bumblebee ~ #

This error is discussed in the FAQ:
   http://www.openldap.org/faq/index.cgi?file=576


>Thanks
>Alex
>
>
>On 6 Feb 2006, at 21:41, Pierangelo Masarati wrote:
>
>>On Mon, 2006-02-06 at 21:15 +0000, Alexander Hartner wrote:
>>>I am trying to configure a single user on my directly which has
>>>access to a sub tree. So I added the following to my slapd.conf
>>>
>>>access to dn.subtree="ou=people,o=j2anywhere,c=com"
>>>  by dn.one="cn=addressbook,o=j2anywhere,c=com" write
>>
>>add a "by * auth" as the last <by> clause of your ACL; or add  
>>"access to
>>attrs=userPassword by * auth" as your first rule.
>>
>>p.
>>
>>
>>
>>
>>Ing. Pierangelo Masarati
>>Responsabile Open Solution
>>OpenLDAP Core Team
>>
>>SysNet s.n.c.
>>Via Dossi, 8 - 27100 Pavia - ITALIA
>>http://www.sys-net.it
>>------------------------------------------
>>Office:   +39.02.23998309
>>Mobile:   +39.333.4963172
>>Email:    pierangelo.masarati@sys-net.it
>>------------------------------------------
>