[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Problems with Password Encryption (ITS#292)

To: openldap-its@OpenLDAP.org
Subject: Re: Problems with Password Encryption (ITS#292)
From: Kurt@OpenLDAP.org
Date: Fri, 17 Sep 1999 16:46:56 GMT

At 03:04 PM 9/17/99 GMT, rv33100@glaxowellcome.co.uk wrote:
>Dear All
>
> I don't have yet resolved my password problem and it's even getting worse. I am trying authentication via UserId and password using Apache Web Server and MOD_AUTH_LDAP. Seems it's a ldap problem.
>
>
>First case:  Password NON Crypted
>
>Result of ldapsearch:
>
>LDAP Server is V2: execute command with LDAP V2...
>uid=RVoglmaier, o=glaxowellcome, c=IT
>RVoglmaier, glaxowellcome, IT

I assume you enabled UFN printing.

>objectclass=top
>objectclass=person
>objectclass=organizationalPerson
>objectclass=inetOrgPerson
>cn=Reinhard Voglmaier
>givenname=Reinhard
>sn=Voglmaier
>annolaurea=1980
>iscrizionealbo=69873469814693
>dataiscrizionealbo=13.13.1999
>ordine=123213873248763
>cittaiscrizionealbo=milano
>mail=rv33100%40ggr.co.uk
>ospedaleuniversita=?
>reparto=?
>indirizzoospuni=?
>capospuni=?
>cittaospuni=?
>provinciaospuni=?
>indirizzostudio=?
>capstudio=?
>cittastudio=?
>provinciastudio=?
>indirizzocasa=?
>capcasa=?
>cittacasa=?
>provinciacasa=?
>uid=RVoglmaier
>userpassword=1234567890
>
>Here the auth module via Web is working fine. The command line results in a core dump.
>
>
>ldapsearch -D "uid=RVoglmaier,o=glaxowellcome,c=IT" -w "1234567890" cn=*
>LDAP Server is V2: execute command with LDAP V2...
>Bus Error(coredump)

Looks like ldapsearch is ill.  Considering the message about the
LDAP server, it's not OpenLDAP's ldapsearch.  Also note that cn=*
needs to be protect from shell expansion, ie: 'cn=*'.

>
>Executing the Command:
>/usr/local/bin/ldappasswd -b "o=glaxowellcome,c=IT" -D "cn=Directory Manager,o=glaxowellcome,c=IT" -w admin -H sha -t "uid=RVoglmaier, o=glaxowellcome, c=IT"
>
>changes the password ( as it should be ) in:
>userpassword={sha}EbrYZBr+nsdBWPUoElRzMtRYvA4=
>
>ldapsearch -D "uid=RVoglmaier,o=glaxowellcome,c=IT" -w "1234567890" cn=*
>LDAP Server is V2: execute command with LDAP V2...
>ldap_simple_bind_s: Invalid credentials

OpenLDAP slapd will also return InvalidCredentials if the bind DN
is not held by any of the server's databases.  Make sure you didn't
typo the DN.  You can also check the slapd log for details as to why
this error was returned.

Prev by Date: Re: Eoor indicated "Referral hop limit exceeded" (ITS#291)
Next by Date: slapd stability on Solaris 2.6 x86 (Solaris threads vs. Posix threads) (ITS#293)
Index(es):
- Chronological
- Thread