[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Cannot authenticate with user/password

To: "'syrotiuk@manchester.ac.uk'" <syrotiuk@manchester.ac.uk>, "'jonathan@phillipoux.net'" <jonathan@phillipoux.net>
Subject: Re: Cannot authenticate with user/password
From: Chris Jacobs <Chris.Jacobs@apollogrp.edu>
Date: Mon, 12 Jul 2010 19:10:41 -0700
Accept-language: en-US
Acceptlanguage: en-US
Cc: "'stybla@turnovfree.net'" <stybla@turnovfree.net>, "'rahul.manchanda@bt.com'" <rahul.manchanda@bt.com>, "'openldap-technical@openldap.org'" <openldap-technical@openldap.org>
Content-language: en-US
In-reply-to: <4C3B270C.2000006@manchester.ac.uk>
Thread-index: AcshzvH/of596JUETZKr5VVCCcwItAAYaVaq
Thread-topic: Cannot authenticate with user/password

Nicholas,

This has been covered before.

Google: DB_CONFIG Expect poor performance

It's just Berkeley DB complaining that there's no DB_CONFIG file...  Harmless.

- chris

Chris Jacobs, Systems Administrator
Apollo Group  |  Apollo Marketing | Aptimus
2001 6th Ave Ste 3200 | Seattle, WA 98121
phone: 206.441.9100 x1245 | mobile: 206.601.3256 | fax: 206.441.9661
email: chris.jacobs@apollogrp.edu

----- Original Message -----
From: openldap-technical-bounces@OpenLDAP.org <openldap-technical-bounces@OpenLDAP.org>
To: Jonathan Clarke <jonathan@phillipoux.net>
Cc: stybla@turnovfree.net <stybla@turnovfree.net>; rahul.manchanda@bt.com <rahul.manchanda@bt.com>; openldap-technical@openldap.org <openldap-technical@openldap.org>
Sent: Mon Jul 12 07:30:36 2010
Subject: Re: Cannot authenticate with user/password

Thanks guys!

Now when I start slapd, I do not understand the output:
-------------------------------------------------------
@(#) $OpenLDAP: slapd 2.4.22 (Jun  9 2010 08:15:30) $
         steve@v480:/bigdisk/SOURCES/S10/openldap-2.4.22/servers/slapd
Backend ACL: access to *
         by self write
         by users read
         by anonymous auth

Backend ACL: access to *
         by * none

config_back_db_open: line 0: warning: cannot assess the validity of the
ACL scope within backend naming context
bdb_db_open: warning - no DB_CONFIG file found in directory
/shibidp/LDAP/var/data: (2).
Expect poor performance for suffix "dc=ldap,dc=mimas,dc=ac,dc=uk".
bdb_monitor_db_open: monitoring disabled; configure monitor database to
enable
slapd starting



Jonathan Clarke wrote:
> On Mon, 12 Jul 2010 14:13:27 +0100, Nicholas Syrotiuk
> <syrotiuk@manchester.ac.uk> wrote:
>> Dear OpenLDAP users,
>>
>> We have downloaded OpenLDAP 2.4.22 from Sunfreeware.com and installed
>> it.  We have successfully imported the LDAP data from another server.
>> We are using the *simple* authentication method.
>>
>> I can authenticate as rootdn but not as a user.  Is there something
>> wrong with my access control list:
>> -----------------------
>> access to *
>>      by self write
>>      by users read
>>      by anonymous none
>> -------------------------
>>
>> I have tried running slapd with debugging switched on but could not
>> diagnose the problem.
>>
>> Any ideas on how to troubleshoot this?
>
> Troubleshooting ACLs is greatly made easier by using "loglevel acl" in
> slapd.conf or "-d acl" on the command line.
>
> In this case, you need to allow anonymous users auth privileges so that
> they can authenticate. See
> http://www.openldap.org/doc/admin24/access-control.html#The%20access%20to%20grant
> for details.
>
> Regards,
> Jonathan

--
N Syrotiuk | Mimas | University of Manchester | Manchester  M13 9PL


This message is private and confidential. If you have received it in error, please notify the sender and remove it from your system.

References:
- Re: Cannot authenticate with user/password
  - From: Nicholas Syrotiuk <syrotiuk@manchester.ac.uk>

Prev by Date: Re: slapd goes down
Next by Date: Another question about LDAP over SSL
Index(es):
- Chronological
- Thread