[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: logging into slave ldap server

To: openldap-software@OpenLDAP.org
Subject: Re: logging into slave ldap server
From: Stefan Alfredsson <bulk@alfredsson.org>
Date: Tue, 12 Mar 2002 00:29:15 +0100
Content-disposition: inline
In-reply-to: <63604.63.121.110.34.1015883493.squirrel@webmail.linuxpowered.net>; from ldap@aphroland.org on Mon, Mar 11, 2002 at 01:51:33PM -0800
References: <63604.63.121.110.34.1015883493.squirrel@webmail.linuxpowered.net>
User-agent: Mutt/1.3.17i

On Mon, Mar 11, 2002 at 01:51:33PM -0800, nate wrote:
> I have been trying to login to one of my slave LDAP
> servers and everytime I try i always get "invalid credentials".
> Replication seems to be working as I can see the new
> samba stuff I added to the master on friday(or was it thursday),
> And i can browse the tree, I just cannot authenticate as
> the admin user. which is the same as on the master ldap
> server.

Is the "rootdn" and "rootpw" entries in slapd.conf the same on both
machines? (i.e. maybe you forgot to update it on the slave,
or maybe the "rootdn" is the replicating user)

ie: on master you have
rootdn	"cn=admin,dc=com"
rootpw   {SSHA}xxxx

and on the slave
rootdn   "cn=replicator,dc=com"
rootpw   {SSHA}yyyy

and then I assume you have an entry "cn=admin,dc=com" entry in your
database?

This means that you would have two set the rootpw in two places;
When authentication with master, you are verified against the rootpw
in slapd.conf. When authenticating against the slave (using the same
dn), then the userPassword of the admin _database entry_ is used...

Atleast if I understand the authentication process correctly :)

HTH,
 Stefan

Follow-Ups:
- Re: logging into slave ldap server
  - From: "nate" <ldap@aphroland.org>

References:
- logging into slave ldap server
  - From: "nate" <ldap@aphroland.org>

Prev by Date: logging into slave ldap server
Next by Date: Re: logging into slave ldap server
Index(es):
- Chronological
- Thread