[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: can't bind to database

To: Dave Lewney <D.M.Lewney@sussex.ac.uk>
Subject: Re: can't bind to database
From: "Chris St. Pierre" <cas1650@NebrWesleyan.edu>
Date: Tue, 10 Feb 2004 09:53:48 -0600 (CST)
Cc: openldap-software@OpenLDAP.org
In-reply-to: <40289967.4010401@central.susx.ac.uk>
References: <Pine.GSO.4.50.0402091047190.5051-100000@newman.NebrWesleyan.edu> <40289967.4010401@central.susx.ac.uk>

I used PADL's migration tools to migrate my /etc flat files.  My shadow
passwords were MD5 hashed, and they appear to be yet further encrypted in the
LDAP tree.  I've got pam_password set to exop in my ldap.conf.

On Tue, 10 Feb 2004, Dave Lewney wrote:

>Chris St. Pierre wrote:
>> I've been working for some time now on migrating my Yellowdog Linux box from
>> passwd authentication to OpenLDAP 2.1.25.  I've finally gotten all of the
>> information migrated over, but I can't bind to the database as a regular user,
>> only as the root ("cn=manager," etc.) or, oddly enough, as an anonymous user.
>> When I try to bind as a user in the LDAP database, it gives me the following
>> error:
>>
>> shell> ldapsearch -x -W \
>>        -D 'uid=cas1650,ou=People,dc=students,dc=NebrWesleyan,dc=edu' \
>>        -b 'dc=students,dc=NebrWesleyan,dc=edu' -LLL 'uid=cas1650'
>> Enter LDAP Password:
>> ldap_bind: Invalid credentials (49)
>>
>> Also, if I try to do something that requires LDAP authentication via the
>> pam_ldap module, like changing my password, it will not recognize the LDAP
>> password:
>>
>> shell> passwd
>> Changing password for user cas1650.
>> Enter login(LDAP) password:
>> LDAP Password incorrect: try again
>> ...
>>
>> I've added the "[auth|account|password|session] sufficient
>> /lib/security/pam_ldap.so" lines to my /etc/pam.d/ files, and I've also
>> verified that the migration script I did shadowing correctly -- i.e., the
>> "userPassword" field is set to a real password, not to "x."  After that, I
>> really don't know what more to do.
>>
>> Any help would be greatly appreciated.
>>
>> Thanks,
>>
>> Chris St. Pierre
>>
>> ****************************************************************
>> "Listen: We are here on Earth to fart around. Don't let anybody
>>  tell you any different!"    --Kurt Vonnegut
>>
>
>How did you migrate the passwd info into your directory? How are you
>storing the userpassword attribute?
>
>Dave
>--
>Dave Lewney
>Principal Systems Programmer, IT Services
>University of Sussex, Brighton BN1 9QJ. Tel: 01273 678354 Fax: 01273 271956
>
>
>

****************************************************************
"Listen: We are here on Earth to fart around. Don't let anybody
 tell you any different!"    --Kurt Vonnegut

References:
- can't bind to database
  - From: "Chris St. Pierre" <cas1650@NebrWesleyan.edu>
- Re: can't bind to database
  - From: D.M.Lewney@sussex.ac.uk (Dave Lewney)

Prev by Date: Re: 1 schema to BIND them all?
Next by Date: Re: Rif: Re: Slapd stops working after a NOT graceful shutdown
Index(es):
- Chronological
- Thread