
Re: setting up admin password on openldap



Hello,

Well, finally I have got something. I have one last question though, regarding the concept. Below is the excerpt from my new slapd.conf:

backend bdb

database monitor

database        bdb
suffix          "o=trac"
rootdn          "cn=nsadmin,o=trac"


rootpw  plain-text password.

When I write cn=nsadmin,o=trac in the userDN box in the LDAP browser and give the password given in plain text in slapd.conf, it connects to the LDAP server using the credentials.

While in my old slapd.conf file, which I was using as a reference, the rootpw line is hashed and the rootdn is only "cn=nsadmin", as follows:

backend bdb

database monitor

database        bdb
suffix          "o=trac"
rootdn          "cn=nsadmin"


#rootpw  secret.

Otherwise both configuration files are the same. But on the old server I can still connect to the LDAP server through the LDAP browser using UserDN cn=nsadmin and the password. My question is: how is that happening? I have not really grasped this idea.

Also, nsadmin exists as a user and I can see that it has a hashed password on my original server, while on my new server (probably since I did not use a hashed password in slapd.conf) it appears as plain text. If anyone can please point me to the right section of the guide to understand this, or tell me in simple words!

Thank you all for your help despite the vague questions and replies.

Regards





On 10/31/07, Szombathelyi György <gyurco@freemail.hu> wrote:
On Tuesday 30 October 2007 21.54.49 Naufal Sheikh wrote:
> Hi Piotr,
>
> Here is my ldif file.
>
> dn: cn=nsadmin
> changetype: modify
> userpassword: {SHA}R0f182La8UTJewHKUWIr2ltHPXc=
>  and the command I used is:
>
> [ root@syru156 bin]# ./ldapmodify -x -v -f /main/backup/nsadmin.ldif
> ldap_initialize( <DEFAULT> )
> replace userpassword:
>         {SHA}R0f182La8UTJewHKUWIr2ltHPXc=
> modifying entry "cn=nsadmin"
> modify complete
> ldap_modify: Strong(er) authentication required (8)
>         additional info: modifications require authentication
>
> and I still cannot bind to ldap through the credentials. It says
> invalid credentials when I try to connect to it through the ldap browser.
>
>
You didn't specify what DN you want to connect.  "Use ldapmodify -D
cn=nsadmin,o=trac -x ...". And use the password you gave in slapd.conf.
The "rootdn" and "rootpw" have precedence over the one you have in the
directory.

Bye,
György
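
A small audit of the settings discussed in this thread, as an added example that is not part of the original messages: it reads slapd.conf text and flags a cleartext or unsalted `rootpw`, a missing `rootpw`, and a `rootdn` that lies outside the database `suffix`. The sample config (including the second suffix and the password placeholder) and the finding names are constructed for illustration.

```python
import re
# Constructed sample modelled on the excerpts in the thread. The second suffix
# and the password value are placeholders, not real settings or credentials.
SAMPLE = '''database monitor
database        bdb
suffix          "o=trac"
rootdn          "cn=nsadmin,o=trac"
rootpw          example-cleartext
database        bdb
suffix          "o=old"
rootdn          "cn=nsadmin"
#rootpw  secret
'''
UNSALTED = {"SHA", "MD5"}  # hash schemes that carry no salt

def parse_databases(text):
    """Collect suffix/rootdn/rootpw for each 'database' section."""
    dbs, cur = [], None
    for raw in text.splitlines():
        parts = raw.strip().split(None, 1)
        if not parts or parts[0].startswith("#"):
            continue  # blank line or comment (a commented-out rootpw is ignored)
        key = parts[0].lower()
        val = parts[1].strip().strip('"') if len(parts) > 1 else ""
        if key == "database":
            dbs.append(cur := {})
        elif cur is not None and key in ("suffix", "rootdn", "rootpw"):
            cur[key] = val
    return dbs

def norm(dn):
    # Lower-case and drop spaces around ',' and '=' so DNs compare cleanly.
    return re.sub(r"\s*([,=])\s*", r"\1", dn).lower()

def audit(text):
    """Return (rootdn, finding) pairs; finding names are this example's own."""
    out = []
    for db in (d for d in parse_databases(text) if "rootdn" in d):
        dn, suffix, pw = db["rootdn"], norm(db.get("suffix", "")), db.get("rootpw")
        if not (norm(dn) == suffix or norm(dn).endswith("," + suffix)):
            out.append((dn, "rootdn-outside-suffix"))
        scheme = re.match(r"\{([\w-]+)\}", pw or "")
        if pw is None:
            out.append((dn, "no-rootpw"))  # nothing in slapd.conf to bind against
        elif scheme is None or scheme.group(1).upper() == "CLEARTEXT":
            out.append((dn, "cleartext-rootpw"))
        elif scheme.group(1).upper() in UNSALTED:
            out.append((dn, "unsalted-hash-rootpw"))
    return out
```

Running `audit(SAMPLE)` reports the cleartext `rootpw` in the first database and, for the second, both the `rootdn` outside its suffix and the absent `rootpw`.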