[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Authenticating against slapd installed from package
* Marc Tardif <marc@interunion.ca> [2006-07-20 10:53 -0400]:
> I have installed OpenLDAP 2.2.26 from package on Ubuntu 6.06 LTS. The
> postinst script prompts for a password to create an admin user. However,
> when I try to run the ldapsearch command as the admin with that password, I
> get the following error message:
>
> $ ldapsearch -x -w password -D "cn=admin,dc=nodomain" '(objectclass=*)'
> ldap_bind: Invalid credentials (49)
[snip]
> So, any ideas what I might be doing wrong?
I have managed to address the authentication problem encountered by
ldapsearch. It seems that the encryption used for the password wasn't
being recognized by the authentication mechanism. So, I changed the
password for cleartext with the following commands:
$ /etc/init.d/slapd stop
$ slapcat -f /etc/ldap/slapd.conf > /tmp/ldap.ldif
$ perl -p -e 's/::.*/: password/' /tmp/ldap.ldif
$ slapadd -f /etc/ldap/slapd.conf -l /tmp/ldap.ldif
$ /etc/init.d/slapd start
Then the ldapsearch command output the content of the LDAP database:
$ ldapsearch -x -w password -D "cn=admin,dc=nodomain" '(objectclass=*)'
...
So, here is the value for the userPassword attribute before ldapsearch
worked:
userPassword:: e2NyeXB0fUY2ZGdUZmF0SlUubTY=
And after ldapsearch started working:
userPassword:: d2FydGhvZ3M=
Both are meant to be for the same password, so what might be the problem?
Can I change the decryption algorithm from the ldapsearch options?
--
Marc Tardif <marc@interunion.ca>
Freenode: cr3, Jabber: cr3@jabber.org
1024D/72679CAD 09A9 D871 F7C4 A18F AC08 674D 2B73 740C 7267 9CAD