Re: ldap_sasl_interactive_bind_s: Confidentiality required (13)

["Kurt D. Zeilenga" <Kurt@OpenLDAP.org>]

At 01:37 PM 9/1/2006, Nhut Thai Le wrote:
>You are right,  i didn't pass the -x and -W to ldapsearch/ldapwhoami since i though it gonna use the root password i put in the /etc/ldap.conf by default.

First, you likely are confusing OpenLDAP's ldap.conf(5) for some
other ldap.conf file on your system.  OpenLDAP's is normally in
${prefix}/etc/openldap/ldap.conf, where $prefix determined by
configure.

Second, there is no ldap.conf(5) password directive.

> The command i use is:
>*
>ldapsearch -x -W -b 'cn=lightportal'*
>*Enter Password: *   //i give no password, just press Enter
>then it print out:*

You've asked ldapsearch to do an LDAP Simple unauthenticated
Bind.

># search result
>search: 2
>result: 13 Confidentiality required
>text: confidentiality required

Your server appears to require the client to establish
data confidentiality protective services.

>With the same command as above, but giving a root password which has been put in the /etc/ldap.conf (encrypted) yield the following error:
>*
>ldap_bind: Invalid credentials (49)

Given you didn't specify a Bind DN, that's not surprising.

>*
>Try with
>*
>ldapsearch -x -W -b "dc=lightportal" -D "cn=Manager,dc=lightportal" *
>
>also result error:*
>
>ldap_bind: Confidentiality required (13)
>      additional info: confidentiality required*
>Why doesnt ldap accept my password?

Your server appears to require the client to establish
data confidentiality protective services.

>My /etc/ldap.conf is:

Your /etc/ldap.conf doesn't appear to be relevant.  See my
first comment.