
invalid credentials (49) for normal user



Hi,

I have imported my passwd and groups file into LDAP using the
migrate_all_online.sh script.

I am able to do a simple bind to LDAP using
binddn= uid=root,ou=People,o=M1,c=GB but I can't seem to bind with any
other user like rui etc. with their Linux password. It says invalid
credentials.

I need to bind for authentication and then get all the primary and
secondary groups of a user (how can I do that?). Why am I having this
problem - do I have to do something extra?

When bound as root, if I do "memberUid=root" I get all the secondary
groups, but I want to do it for any user.

I am using the C LDAP API at the moment.


Here is my slapd.conf file:
##################################################
#
# See slapd.conf(5) for details on configuration options.
# This file should NOT be world readable.
#
include         /etc/openldap/schema/core.schema
include         /etc/openldap/schema/cosine.schema
include         /etc/openldap/schema/dyngroup.schema
include         /etc/openldap/schema/inetorgperson.schema
include         /etc/openldap/schema/misc.schema
include         /etc/openldap/schema/nis.schema
include         /etc/openldap/schema/openldap.schema

#######################################################################
# ldbm database definitions
#######################################################################
database        ldbm
suffix          "o=M1,c=GB"
rootdn          "uid=root,ou=People,o=M1,c=GB"
rootpw          abc123
directory       /var/lib/ldap

# Indices to maintain
index   objectClass,uid,uidNumber,gidNumber     eq
index   cn,mail,surname,givenname               eq,subinitial

#
# ACLs
#
#access to dn="ou=People,o=M1,c=GB"
#attr=userPassword
#by self write
#by dn="uid=root,ou=People,o=M1,c=GB" write
#by * auth
#access to dn=".*,o=M1,c=GB"
#by self write
#by dn="uid=root,ou=People,o=M1,c=GB" write
#by * read
#access to dn=".*,o= M1,c=GB"
#by * read
#defaultaccess read

access to attr=userpassword
by self write
by dn="uid=root,ou=People,o=M1,c=GB" write
by * read

access to *
by self write
by dn=".+" read
by * read

###############################################

Regards,
rui