ldap_bind: Invalid credentials when loading initial entries

[Albert Bihler <al_bihler99@yahoo.de>]

Hi list,

I am totally new to this whole ldap thing. Currently I have got a pre installed openldap server on a Suse box. The server seems to run fine. I am following the Quick-Start Guide. When I try to add initial entries to my directory using ldapadd -x -D "cn=Manager,dc=example,dc=com" -W -f /home/albert/ldap/example.ldif, the system prompts me for LDAP Password. I enter "secret".

The system returns:
ldap_bind: Invalid credentials

:-(

example.ldif looks like:

dn: dc=example,dc=com
objectclass: dcObject
objectclass: organization
o: Example Company
dc: example
dn: cn=Manager,dc=example,dc=com
objectclass: organizationalRole
cn: Manager

slapd.conf looks like:

# $OpenLDAP: pkg/ldap/servers/slapd/slapd.conf,v 1.8.8.7 2001/09/27 20:00:31 kurt Exp $
#
# See slapd.conf(5) for details on configuration options.
# This file should NOT be world readable.
#
include         /etc/openldap/schema/core.schema
# Define global ACLs to disable default read access.
# Do not enable referrals until AFTER you have a working directory
# service AND an understanding of referrals.
#referral       ldap://root.openldap.org
pidfile         /var/run/slapd.pid
argsfile        /var/run/slapd.args
# Load dynamic backend modules:
# modulepath    /usr/lib/openldap/openldap
# moduleload    back_ldap.la
# moduleload    back_ldbm.la
# moduleload    back_passwd.la
# moduleload    back_shell.la
#
# Sample Access Control
#       Allow read access of root DSE
#       Allow self write access
#       Allow authenticated users read access
#       Allow anonymous users to authenticate
#
#access to dn="" by * read
#access to *
#       by self write
#       by users read
#       by anonymous auth
#
# if no access controls are present, the default is:
#       Allow read by all
#
# rootdn can always write!
#######################################################################
# ldbm database definitions
#######################################################################
database        ldbm
suffix          "dc=exa! mple,dc= com"
rootdn          "cn=Manager,dc=exampe,dc=com"
# rootdn                "cn=Manager,o=My Organization Name,c=US"
# Cleartext passwords, especially for the rootdn, should
# be avoid.  See slappasswd(8) and slapd.conf(5) for details.
# Use of strong authentication encouraged.
rootpw  secret
# The database directory MUST exist prior to running slapd AND
# should only be accessible by the slapd/tools. Mode 700 recommended.
directory       /var/lib/ldap
# Indices to maintain
index   objectClass     eq

running the same command with -d -1
prints the following stuff:

ldap_create
Enter LDAP Password:
ldap_bind_s
ldap_simple_bind_s
ldap_sasl_bind_s
ldap_sasl_bind
ldap_send_initial_request
ldap_new_connection
ldap_int_open_connection
ldap_connect_to_host: localhost
ldap_new_socket: 4
ldap_prepare_socket: 4
ldap_connect_to_host: Trying ::1 389
ldap_connect_timeout: fd: 4 tm: -1 async: 0
ldap_ndelay_on: 4
ldap_is_sock_ready: 4
ldap_ndelay_off: 4
ldap_open_defconn: successful
ldap_send_server_request
ber_flush: 48 bytes to sd 4
  0000:  30 2e 02 01 01 60 29 02  01 03 04 1c 63 6e 3d 4d   0....`).....cn=M 
  0010:  61 6e 61 67 65 72 2c 64  63 3d 65 78 61 6d 70 6c   anager,dc=exampl 
  0020:  65 2c 64 63 3d 63 6f 6d  80 06 73 65 63 72 65 74   e,dc=com..secret 
ldap_write: want=48, written=48
  0000:  30 2e 02 01 01 60 29 02  01 03 04 1c 63 6e 3d 4d   0....`).....cn=M 
  0010:  61 6e 61 67 65 72 2c 64  63 3d 65 78 61 6d 70 6c   anager,dc=exampl 
  0020:  65 2c 64 63 3d 63 6f 6d  80 06 73 65 63 72 65 74   e,dc=com..secret 
ldap_result msgid 1
ldap_chkResponseList for msgid=1, all=1
ldap_chkResponseList returns NULL
wait4msg (infinite timeout), msgid 1
wait4msg continue, msgid 1, all 1
** Connections:
* host: localhost  port: 389  (default)
  refcnt: 2  status: Connected
  last used: Wed May 28 11:57:14 2003
** Outstanding Requests:
 * msgid 1,  origid 1, status InProgress
   outstanding referrals 0, parent count 0
** Response Queue:
   Empty
ldap_chkResponseList for msgid=1, all=1
ldap_chkResponseList returns NULL
do_ldap_select
read1msg: msgid 1, all 1
ber_get_next
ldap_read: want=1, got=1
  0000:  30              &nb! sp;  ;                                 0                
ldap_read: want=1, got=1
  0000:  0c                                                 .                
ldap_read: want=12, got=12
  0000:  02 01 01 61 07 0a 01 31  04 00 04 00               ...a...1....     
ber_get_next: tag 0x30 len 12 contents:
ber_dump: buf=0x08050778 ptr=0x08050778 end=0x08050784 len=12
  0000:  02 01 01 61 07 0a 01 31  04 00 04 00               ...a...1....     
ldap_read: message type bind msgid 1, original id 1
ber_scanf fmt ({iaa) ber:
ber_dump: buf=0x08050778 ptr=0x0805077b end=0x08050784 len=9
  0000:  61 07 0a 01 31 04 00 04  00                        a...1....        
read1msg:  0 new referrals
read1msg:  mark request completed, id = 1
request 1 done
res_errno: 0, res_error: <>, res_matched: <>
ldap_free_request (origid 1, msgid 1)
ldap_free_connection
ldap_free_connection: refcnt 1
ldap_parse_result
ber_scanf fmt ({iaa) ber:
ber_dump: buf=0x08050778 ptr=0x0805077b end=0x08050784 len=9
 ! ; 0000:& nbsp; 61 07 0a 01 31 04 00 04  00                        a...1....        
ber_scanf fmt (}) ber:
ber_dump: buf=0x08050778 ptr=0x08050784 end=0x08050784 len=0
ldap_msgfree
ldap_perror
ldap_bind: Invalid credentials

Pretty much debug information but still don't have a clue how to fix it.

Any help would be very much apreciated.

Kind regards
Albert

---

Gesendet von http://mail.yahoo.de.
UNGLAUBLICH! Bis zu  1.200 Warenproben und Gutscheine koennen Sie mit diesen Service abstauben. Anmelden! www.probenking.de.