R H wrote:
> rootdn "cn=admin,o=testcompany.com
> [..]
> however I've noticed, that *cn=admin,o=testcompany.com* entry doesn't exist,
> while it did using the default config after I've installed openldap.

The rootdn can be used without an LDAP entry existing for it. Otherwise you would have a hen-and-egg problem when starting with an empty DB.

> access to attrs=userPassword,shadowLastChange
>         by dn="cn=admin,o=testcompany.com" write
>         by anonymous auth
>         by self write
>         by * none
> [..]
> However (this is where my problem is) when I try to log into Redmine with a user that
> I've just created (with ldap authentication) I always get Invalid credentials error

You should likely check your ACLs. Order is significant in all parts: order of access directives and order of <who> clauses.

https://www.openldap.org/doc/admin24/access-control.html
https://www.openldap.org/faq/data/cache/189.html

> (while it works like a charm when I login with any other account, created with Simple
> Authentication)

This sentence does not make sense to me.

> In Redmine, I've configured and tested the *ldap authentication*.

You'd better test with OpenLDAP command-line tools first, e.g. ldapsearch for testing the redmine user search and ldapwhoami for testing the password authentication.

> These events led me to believe that the error is in the LDAP configuration. After a few
> more hours/days of fooling around with the *ACL*s and *dpkg-reconfigure slapd*

I'd recommend writing your slapd.conf completely yourself and not using any external configuration tool. This leads to reproducible results and better insights.

Ciao, Michael.
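The ordering rule mentioned in the reply, as an added example that is not part of the original message and not OpenLDAP code: a simplified Python model of slapd's first-match evaluation (first matching `access to` directive, then first matching `by <who>` clause), run over the directive quoted in the thread and two reordered variants. The user DN `uid=jdoe,o=testcompany.com` and both variants are constructed for illustration; only the `*`, `anonymous`, `self` and `dn=` forms of `<who>` are modelled.

```python
# Simplified model of slapd's first-match ACL evaluation (illustration, not OpenLDAP code).
LEVELS = ["none", "disclose", "auth", "compare", "search", "read", "write", "manage"]

def who_matches(who, requester, target):
    """requester is the bound DN, or None for an anonymous connection."""
    if who == "*":
        return True
    if who == "anonymous":
        return requester is None
    if who == "self":
        return requester is not None and requester.lower() == target.lower()
    if who.startswith("dn="):
        return requester is not None and requester.lower() == who[3:].strip('"').lower()
    return False  # other <who> forms are outside this model

def granted(acl, attr, requester, target):
    for attrs, by_clauses in acl:              # directives are tried in file order
        if attrs != "*" and attr not in attrs:
            continue
        for who, level in by_clauses:          # first matching <who> decides
            if who_matches(who, requester, target):
                return level
        return "none"                          # implicit trailing "by * none"
    return "none"                              # implicit "access to * by * none"

def permits(acl, attr, requester, target, needed):
    return LEVELS.index(granted(acl, attr, requester, target)) >= LEVELS.index(needed)

ADMIN = 'dn="cn=admin,o=testcompany.com"'
USER = "uid=jdoe,o=testcompany.com"            # constructed sample entry
PW = ("userPassword", "shadowLastChange")

# The directive as posted in the thread.
POSTED = [(PW, [(ADMIN, "write"), ("anonymous", "auth"), ("self", "write"), ("*", "none")])]
# Constructed variant: same clauses, but "by * none" moved to the front.
STAR_FIRST = [(PW, [("*", "none"), (ADMIN, "write"), ("anonymous", "auth"), ("self", "write")])]
# Constructed variant: a broad directive placed before the specific one.
BROAD_FIRST = [("*", [("*", "read")])] + POSTED

if __name__ == "__main__":
    for name, acl in [("posted", POSTED), ("star first", STAR_FIRST), ("broad first", BROAD_FIRST)]:
        print(name, "| anonymous:", granted(acl, "userPassword", None, USER),
              "| self:", granted(acl, "userPassword", USER, USER))
```

In the `STAR_FIRST` variant an unauthenticated connection gets `none` on `userPassword`, so a simple bind cannot be checked against the stored password; in `BROAD_FIRST` the earlier directive wins and `userPassword` becomes readable to everyone.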