
Re: unable to perform authenticated binds



Hello Tim,

the "password" you supply won't work, as it is not encoded in base64.

Try to generate a password hash + base64-enc with "slappasswd" and set
this string as your password hash for rootpw.
http://linux.die.net/man/8/slappasswd


Bye, Benjamin.

On Tue, Nov 2, 2010 at 22:50, Tim Dunphy <bluethundr@gmail.com> wrote:
> I am attempting to set up an LDAP server under CentOS 5.4.
>
>
> However, I am unable to search my LDAP directory even though I am
> supplying the proper credentials for the Manager account:
>
>
> [root@ldap openldap]# ldapsearch -x -h ldap -D
> 'cn=Manager,dc=example,dc=net' -W -b 'dc=example,dc=net'
> Enter LDAP Password:
> ldap_bind: Invalid credentials (49)
>
> Anonymous searches do work however:
>
> ldapsearch -x -h ldap -b "dc=example,dc=net" -s sub "objectclass=*"
>
> [root@ldap openldap]# ldapsearch -x -h ldap -b "dc=example,dc=net" -s
> sub "objectclass=*"
> # extended LDIF
> #
> # LDAPv3
> # base <dc=example,dc=net> with scope subtree
> # filter: objectclass=*
> # requesting: ALL
> #
>
> # search result
> search: 2
> result: 32 No such object
>
>
> I am currently attempting to use the actual word 'secret' to
> authenticate the Manager account:
>
> database        bdb
> suffix          "dc=example,dc=net"
> rootdn          "cn=Manager,dc=example,dc=net"
> # Cleartext passwords, especially for the rootdn, should
> # be avoided.  See slappasswd(8) and slapd.conf(5) for details.
> # Use of strong authentication encouraged.
>  rootpw                secret
> # rootpw                 {CRYPT}secret
>
>
> And yet I am still getting error 49s in my openldap logs with
> loglevel set to 296
>
> /var/log/openldap.log
>
> Nov  2 15:45:58 ldap slapd[3522]: slapd starting
> Nov  2 15:46:14 ldap slapd[3522]: conn=0 fd=11 ACCEPT from
> IP=127.0.0.1:44552 (IP=0.0.0.0:389)
> Nov  2 15:46:14 ldap slapd[3522]: conn=0 op=0 BIND
> dn="cn=Manager,dc=example,dc=net" method=128
> Nov  2 15:46:14 ldap slapd[3522]: conn=0 op=0 RESULT tag=97 err=49 text=
> Nov  2 15:46:14 ldap slapd[3522]: conn=0 fd=11 closed (connection lost)
>
>
> this is how I have configured my ldap.conf
>
> BASE    dc=example,dc=net
> HOST    localhost
> URI     ldap://ldap.example.net
>
>
>
>
> thanks in advance for your help
>
>
>
>
>
>
> --
> Here's my RSA Public key:
> gpg --keyserver pgp.mit.edu --recv-keys 5A4873A9
>
> Share and enjoy!!
>



-- 
To be or not to be -- Shakespeare | To do is to be -- Nietzsche | To
be is to do -- Sartre | Do be do be do -- Sinatra
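
Added example, not part of the original thread and not OpenLDAP code: a small audit of the quoted slapd.conf fragment that reports the effective rootpw and builds a value in the {SSHA} format that slappasswd emits by default. It follows slapd.conf(5), which unwraps continuation lines (lines starting with whitespace) before comment processing; the function names and the sample text are assumptions made for this illustration.

```python
import base64, hashlib, hmac, os, re

# Constructed sample: the slapd.conf fragment as quoted in the message,
# keeping the leading space in front of the active rootpw line.
SAMPLE_CONF = """database        bdb
suffix          "dc=example,dc=net"
rootdn          "cn=Manager,dc=example,dc=net"
# Cleartext passwords, especially for the rootdn, should
# be avoided.  See slappasswd(8) and slapd.conf(5) for details.
# Use of strong authentication encouraged.
 rootpw                secret
# rootpw                 {CRYPT}secret
"""

def logical_lines(text):
    """Join continuation lines (leading whitespace) first, then drop
    comments: the order slapd.conf(5) documents."""
    out = []
    for raw in text.splitlines():
        if not raw.strip():
            continue
        if raw[0] in " \t" and out:
            out[-1] += " " + raw.strip()   # folded into the previous line
        else:
            out.append(raw.strip())
    return [line for line in out if not line.startswith("#")]

def audit_rootpw(text):
    """Return (status, value) for the effective rootpw directive."""
    for line in logical_lines(text):
        parts = line.split(None, 1)
        if parts[0].lower() == "rootpw":
            value = parts[1] if len(parts) > 1 else ""
            scheme = re.match(r"\{([A-Za-z0-9-]+)\}", value)
            return ("hashed:" + scheme.group(1).upper() if scheme else "cleartext", value)
    return ("not-set", None)

def ssha(password, salt=None):
    """{SSHA} value: base64(SHA1(password + salt) + salt), 4-byte salt."""
    salt = os.urandom(4) if salt is None else salt
    digest = hashlib.sha1(password.encode() + salt).digest()
    return "{SSHA}" + base64.b64encode(digest + salt).decode()

def check_ssha(password, stored):
    """Recompute the digest with the salt stored after the 20-byte SHA-1."""
    raw = base64.b64decode(stored[len("{SSHA}"):])
    expected = hashlib.sha1(password.encode() + raw[20:]).digest()
    return hmac.compare_digest(expected, raw[:20])
```

On the fragment as quoted, audit_rootpw() returns "not-set": the indented rootpw line is folded into the comment above it, so no rootpw directive is in effect.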