Re: simple bind ldapsearch invalid credentials

["matthew sporleder" <msporleder@gmail.com>]

On 8/7/06, Cornelius Koelbel <cornelius.koelbel@gmx.de> wrote:
> Hello,
>
> i set up openldap 2.2.29 on FC4.
> I guess everything is right, I can access and modify everyting with the
> manager.
> I setup an object
>         cn=corny,ou=users,dc=az,dc=local
>
> as follows:
>
>         dn: cn=corny,ou=users,dc=az,dc=local
>         objectClass: top
>         objectClass: person
>         cn: corny
>         sn: corny
>
> I want to have this person access to a subtree of the ldap.
>         access to dn="ou=cornelius,ou=adressen,dc=az,dc=local"
>                 by dn="cn=corny,ou=users,dc=az,dc=local" write
> But for now, I configured everything:
>         access to *
>                 by dn="cn=corny,ou=users,dc=az,dc=local" write
>
> Now I set a password and try to connect:
>
> corny@schnuck:[/data/down]> ldappasswd  -x -D
> "cn=Manager,dc=az,dc=local" -W -S  "cn=corny,ou=users,dc=az,dc=local"
> New password:
> Re-enter new password:
> Enter LDAP Password:
> Result: Success (0)
>
> everything seems fine, but now:
>
> corny@schnuck:[/data/down]> ldapsearch   -D
> 'cn=corny,ou=users,dc=az,dc=local' -W  -x -b 'dc=az,dc=local'
> Enter LDAP Password:
> ldap_bind: Invalid credentials (49)
>
>
> Whats wrong, where can I start to search?

If you added him with:
      dn: cn=corny,ou=users,dc=az,dc=local
      objectClass: top
      objectClass: person
      cn: corny
      sn: corny

Where would the password be stored?

Why don't you continue using the fedora tools (ldap*?) and ask them
for help setting up your system's auth to ldap.  Your openldap
install, as you said, seems to be working fine.