
RE: unable to bind using encrypted password (ITS#324)



Heath

I have got two contributions dealing with this problem:
1) On Linux World there is an article specific to OpenLDAP from Mark Komarinski/Cary Collett: "Don't make me LDAP you". Here the authors write: "I can't seem to get encrypted passwords working, . . ."
2) Once upon a time I got an answer from Griff Miller ( griff.miller@pgs.com ). He writes that SHA authentication with OpenLDAP is working for him. He is using, like me, Sun Solaris on a SPARC architecture. But he didn't give configuration hints or similar.

I believe it would be of interest to the group whether encryption does work or not, and, if it works for some installations and not for others, WHY it does not work in some installations.
I myself have not got much feedback until now. Maybe this time, now that we are two persons . . . .

Reinhard


> -----Original Message-----
> From:	heath@space.ne.mediaone.net [SMTP:heath@space.ne.mediaone.net]
> Sent:	Thursday, 14 October 1999 13:48
> To:	openldap-its@OpenLDAP.org
> Subject:	unable to bind using encrypted password  (ITS#324)
> 
> Full_Name: Heath Hendrickson
> Version: 0.9.4
> OS: Linux Redhat 5.2
> URL: 
> Submission from: (NULL) (129.83.19.1)
> 
> 
> I noticed another user with an open ticket and the same problem.  I've managed
> to repeat the problem on my setup.
> 
> After creating a valid user in the directory, setting the password using ldappasswd
> (binding as the rootDN), I can't bind as that user using ldapsearch.  The password
> for the rootDN is {crypt} in slapd.conf, and that doesn't seem to have problems.
> 
> I originally had {crypt} for the userPassword, and have since changed it to {sha},
> but neither of them is working.  Here's the output from the ldapsearch:
> 
> [root@space ldap]# ldapsearch -D
> "uid=heath,ou=People,dc=space,dc=ne,dc=mediaone,dc=net" -w XXXXXXX -b
> "dc=space,dc=ne,dc=mediaone,dc=net" "uid=heath"
> ldap_bind: Invalid credentials
> 
> doing the same as the rootDN yields:
> 
> [root@space ldap]# ldapsearch -D "cn=dirman,dc=space,dc=ne,dc=mediaone,dc=net"
> -w XXXXXXX -b "dc=space,dc=ne,dc=mediaone,dc=net" "uid=heath"
> uid=heath,ou=People,dc=space,dc=ne,dc=mediaone,dc=net
> uid=heath
> cn=Heath S Hendrickson
> givenname=Heath S
> sn=Hendrickson
> mail=heath@space.ne.mediaone.net
> objectclass=person
> objectclass=organizationalPerson
> objectclass=inetOrgPerson
> objectclass=account
> objectclass=posixAccount
> objectclass=top
> objectclass=kerberosSecurityObject
> objectclass=shadowAccount
> shadowlastchange=10596
> shadowmax=99999
> shadowwarning=7
> krbname=heath@SPACE.NE.MEDIAONE.NET
> loginshell=/bin/bash
> uidnumber=500
> gidnumber=500
> homedirectory=/home/heath
> gecos=Heath S Hendrickson
> modifytimestamp=19991014113650Z
> modifiersname=cn=dirman,dc=space,dc=ne,dc=mediaone,dc=net
> userpassword={sha}XXXXXXXXXXXXXXX
> 
> The rootDN is defined in slapd.conf as:
> 
> rootdn		"cn=dirman,dc=space,dc=ne,dc=mediaone,dc=net"
> rootpw		{crypt}XXXXXXXXXXX
> 
> 
>
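
An offline check for the symptom reported in this thread, added here as an example and not part of the original messages or of OpenLDAP's code: it tests whether a stored userPassword value is a well-formed {SHA} or {SSHA} value and whether it matches the password supplied at bind time. It assumes the common encoding (base64 of the SHA-1 digest, with the salt appended for {SSHA}) and a case-insensitive scheme name; the function names and sample values are constructed for illustration.

```python
import base64
import binascii
import hashlib
import hmac

DIGEST_LEN = 20  # SHA-1 digest size in bytes


def make_hashed(password: str, salt: bytes = b"") -> str:
    """Build a {SHA} value (no salt) or an {SSHA} value (salt appended to digest)."""
    digest = hashlib.sha1(password.encode() + salt).digest()
    scheme = "{SSHA}" if salt else "{SHA}"
    return scheme + base64.b64encode(digest + salt).decode()


# Constructed sample: a hex digest stored where base64 is expected.
HEX_SAMPLE = "{sha}" + hashlib.sha1(b"password").hexdigest()


def check_userpassword(stored: str, candidate: str) -> str:
    """Return "match", "mismatch", "malformed" or "unsupported"."""
    scheme, sep, body = stored.partition("}")
    # Assumption: the scheme name is compared case-insensitively ({sha} == {SHA}).
    scheme = scheme.lstrip("{").upper()
    if not sep or not stored.startswith("{") or scheme not in ("SHA", "SSHA"):
        return "unsupported"  # e.g. {crypt}, which depends on the host's crypt(3)
    try:
        raw = base64.b64decode(body, validate=True)
    except (binascii.Error, ValueError):
        return "malformed"  # body is not base64 at all
    # {SHA} must decode to exactly 20 bytes; {SSHA} needs digest plus some salt.
    bad_len = len(raw) != DIGEST_LEN if scheme == "SHA" else len(raw) <= DIGEST_LEN
    if bad_len:
        return "malformed"
    digest, salt = raw[:DIGEST_LEN], raw[DIGEST_LEN:]
    expected = hashlib.sha1(candidate.encode() + salt).digest()
    return "match" if hmac.compare_digest(digest, expected) else "mismatch"


if __name__ == "__main__":
    # All values below are constructed samples, not taken from the thread.
    samples = (make_hashed("password"), make_hashed("password", b"salt"),
               HEX_SAMPLE, "{crypt}XXXXXXXXXXX")
    for stored in samples:
        print(stored, "->", check_userpassword(stored, "password"))
```

A "malformed" or "mismatch" result for a value written by a password tool points at the stored value itself; "match" points at how the server compares it during the bind.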