[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Secret not in database
Hi Michael,
Surprisingly, I had to remove the cn=
synamatixdev.com in the authz-regexp statement below then only it can match and look for the admin id i created with saslpasswd -c
authz-regexp uid=(.*),cn=digest-md5,cn=auth cn=Manager,dc=synamatixdev,dc=com
However, when i tried to add my users using ldfi format, i encounter some problems.
First, it's the schema issue. When i included inetorgperson schema, it keeps on throwing messages about certain audio, homePhone objectClass structural object not existing. So, i removed all those objects ldap complains and i managed to start my slapd.
After that, when i tried to add my user with the ldif format as below:
dn: ou=people,dc=synamatixdev,dc=com
ou: people
objectClass: organizationalunit
objectClass: inetorgperson
dn: uid=user1,ou=people,dc=synamatixdev,dc=com
uid: user1
cn: Mary
cn: Mary Terry
objectClass: inetorgperson
objectClass: account
objectClass: top
objectClass: shadowAccount
sn: Terry
userPassword: user123
I receive the error message below when i tried to add with slapadd:
str2entry: invalid value for attributeType objectClass #1 (syntax 1.3.6.1.4.1.1466.115.121.1.38)
I am not very sure about the objectClass allowed for OpenLdap 2.3.27. Why does it say there's invalid value for attributeType? PLease help, thanks!
2009/8/6 Michael Ströder
<michael@stroeder.com>
Seau Yeen Su wrote:
>
> I have successfully installed cyrus-sasl-2.1.23 and openldap-2.3.27 plus
> BerkeleyDB.4.3 in my RHEL5.2 server. After the installation, i used
> saslpasswd2 -c to create an admin user:
>
> saslpasswd2 -c admin
Do you actually have an entry with (uid=admin) in your LDAP server?
> After that, I thought of doing a search on the database with the command :
> ldapsearch -H ldap:///localhost -Y DIGEST-MD5 -d 2 -U admin
> but it returned an error of :
> ldap_sasl_interactive_bind_s: Invalid credentials (49)
> additional info: SASL(-13): user not found: no secret in database
>
> When i did a check on /etc/, the sasldb2 file is there.
> I do not know
> and understand why it cannot find this user. Did i miss out anything.
> Below is excerpt from my slapd.conf file
>
> password-hash {CLEARTEXT}
> authz-regexp uid=(.*),cn=
synabase-dev5.synamatixdev.com
> <http://synabase-dev5.synamatixdev.com>,cn=DIGEST-MD5,cn=auth
> <http://synabase-dev5.synamatixdev.com>,cn=DIGEST-MD5,cn=auth uid=$1
You don't need /etc/sasldb2 if you want to use authz-regexp. Simply create an
LDAP entry with below your search root dc=synamatixdev,dc=com with attribute
uid set to admin and userPassword set in clear-text.
Ciao, Michael.
--
Michael Ströder
E-Mail: michael@stroeder.com
http://www.stroeder.com
--
Warmest Regards,
Seau Yeen