[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Strange problem with binding authentication

To: "Marco Ferrante" <ferrante@unige.it>
Subject: Re: Strange problem with binding authentication
From: "Kurt D. Zeilenga" <kurt@boolean.net>
Date: Fri, 05 Nov 1999 11:58:37 -0800
Cc: openldap-software@OpenLDAP.org
In-reply-to: <199911051219.NAA29909@igecuniv.csita.unige.it>

At 01:17 PM 11/5/99 +0100, Marco Ferrante wrote:
>   I've a standard OpenLDAP SLAPD running well.
>I tried to use Netscape Directory Server 3 schema definition files instead of 
>SLAPD one's,

OpenLDAP configuration format != Netscape configuration format

>but any authenticated binding (except as root) is refused as 
>the password is incorrect.

You probably changed the syntax of userpassword from ces to bin.
Currently, OpenLDAP hashed password support requires (incorrectly)
that userpassword to be ces.

>  In debug mode, SLAPD return error 49.
>Only changes in slapd.conf is substitution of slapd.*.conf with 
>netscape.*.conf; difference I've seen between them are that if a class (ex. 
>organizationalPerson) is an extention of another one (ex. person), attributes 
>of parent class aren't redeclared.

OpenLDAP requires you expand each objectclass such that it contains
all attributes of its class and its superiors.  The 'sup' clause
is not understood.

>Note that in my tree, every entry with 
>objectclass organizationalPerson value have objectclass person too.
>  Any idea?

Don't use Netscape specific configuration directives in an OpenLDAP
configuration file.

----
Kurt D. Zeilenga		<kurt@boolean.net>
Net Boolean Incorporated	<http://www.boolean.net/>

References:
- Strange problem with binding authentication
  - From: "Marco Ferrante" <ferrante@unige.it>

Prev by Date: Re: Schema With OIDS ?
Next by Date: Searches for cn=x and commonname=x not returning same result.
Index(es):
- Chronological
- Thread