[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ldapmodify : ldap_bind - Invalid credentials (49)



On 9/13/06, Tu Haiyi <tu_haiyi@bah.com> wrote:
 Hi All, I am a new LDAP user. I just installed OpenLDAP 2.2.29 on Windows
XP. I can use LDAP Browser to connect but I can't make ldapmodify work. Here
is my command: ldapmodify -w secret -f ldapmodify.ldif then I get ldap_bind:
Invalid credentials (49) It seems to be pretty simple but I could not find
the problem. My ldapmodify.ldif file is: dn: o=example.com objectclass: top
objectclass: organization o: example.com description: example corp dn:
ou=Employees,cn=Manager, dc=my-domain,dc=com objectclass: top objectclass:
organizationalUnit ou: Employees description: all employees dn:
uid=user1,ou=Employees,o=example.com objectclass: top objectclass: person
objectclass: organizationalPerson cn: John Doe sn: Doe givenname: John uid:
user1 userpassword: password ou: Employees description: user1 My slapd.conf
is: # # See slapd.conf(5) for details on configuration options. # This file
should NOT be world readable. # ucdata-path ./ucdata include
./schema/core.schema # Define global ACLs to disable default read access. #
Do not enable referrals until AFTER you have a working directory # service
AND an understanding of referrals. #referral ldap:/root.openldap.org pidfile
./run/slapd.pid argsfile ./run/slapd.args # Load dynamic backend modules: #
modulepath ./libexec/openldap # moduleload back_bdb.la # moduleload
back_ldap.la # moduleload back_ldbm.la # moduleload back_passwd.la #
moduleload back_shell.la # Sample security restrictions # Require integrity
protection (prevent hijacking) # Require 112-bit (3DES or better) encryption
for updates # Require 63-bit encryption for simple bind # security ssf=1
update_ssf=112 simple_bind=64 # Sample access control policy: # Root DSE:
allow anyone to read it # Subschema (sub)entry DSE: allow anyone to read it
# Other DSEs: # Allow self write access # Allow authenticated users read
access # Allow anonymous users to authenticate # Directives needed to
implement policy: # access to dn.base="" by * read # access to
dn.base="cn=Subschema" by * read # access to * # by self write # by users
read # by anonymous auth # # if no access controls are present, the default
policy # allows anyone and everyone to read anything but restricts # updates
to rootdn. (e.g., "access to * by * read") # # rootdn can always read and
write EVERYTHING!
#######################################################################
# BDB database definitions
#######################################################################
database bdb suffix "dc=my-domain,dc=com" rootdn
"cn=Manager,dc=my-domain,dc=com" # Cleartext passwords,
especially for the rootdn, should # be avoid. See slappasswd(8) and
slapd.conf(5) for details. # Use of strong authentication encouraged. rootpw
secret # The database directory MUST exist prior to running slapd AND #
should only be accessible by the slapd and slap tools. # Mode 700
recommended. directory ./data # Indices to maintain index objectClass eq Can
someone tell me what the problem is? Thanks in advance. Haiyi


Verify your rootdn and rootpw match what's actually in your config.
Also, make sure your syntax is correct.  I would be able to tell you,
but your email is next to impossible to read.

_Matt