
invalid credential




Hello list,
I've just migrated to OpenLDAP 2.3.2, db4.4 and Cyrus SASL 2.1.21, and I've tried to
set up a new LDAP directory (for test purposes).

Any test with the root admin is good, but when I try to query the directory with
another user I get the invalid credentials (49) error.
I've checked my password and DN a dozen times, used ldappasswd to change my pass,
and simplified my ACL to the simple: access to * by * read, and still get the same error.

Usually this kind of message involves a very silly error, but in this case I've
found nothing like this, even looking very closely at my code.


Here is the request:
 ./bin/ldapsearch -x -D "uid=mlapompe,ou=salaries,dc=ariane,dc=com" -w pass -b
"dc=ariane,dc=com"  uid=lapompe


Here is the trace with the -d 128 option:

conn=2 fd=12 ACCEPT from IP=127.0.0.1:51078 (IP=127.0.0.1:389)
conn=2 op=0 BIND dn="cn=admin,dc=ariane,dc=com" method=128
conn=2 op=0 BIND dn="cn=Admin,dc=ariane,dc=com" mech=SIMPLE ssf=0
conn=2 op=0 RESULT tag=97 err=0 text=
conn=2 op=1 PASSMOD id="uid=mlapompe,ou=salaries,dc=ariane,dc=com" new
<= acl_access_allowed: granted to database root
conn=2 op=1 RESULT oid= err=0 text=
conn=2 op=2 UNBIND
conn=2 fd=12 closed
conn=3 fd=12 ACCEPT from IP=127.0.0.1:50753 (IP=127.0.0.1:389)
conn=3 op=0 BIND dn="uid=mlapompe,ou=salaries,dc=ariane,dc=com" method=128
=> access_allowed: auth access to "uid=mlapompe,ou=salaries,dc=ariane,dc=com"
"userPassword" requested
=> acl_get: [1] attr userPassword
access_allowed: no res from state (userPassword)
=> acl_mask: access to entry "uid=mlapompe,ou=salaries,dc=ariane,dc=com", attr
"userPassword" requested
=> acl_mask: to value by "", (=0)
<= check a_dn_pat: self
<= acl_mask: no more <who> clauses, returning =0 (stop)
=> access_allowed: auth access denied by =0
conn=3 op=0 RESULT tag=97 err=49 text=
conn=3 fd=12 closed (connection lost)


Please help, I really don't know where to search now.
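
Added example, not part of the original message and not OpenLDAP code: a Python sketch that walks a slapd -d 128 trace like the one above and separates simple binds that ended in err=49 after the ACL engine denied auth access from other err=49 binds. The sample log is constructed from the posted trace (the uid=jdoe bind and its "granted" line are invented for contrast), and the parser assumes ACL lines directly follow the BIND line they belong to, as in a single-client test.

```python
import re

# Constructed sample, modelled on the slapd -d 128 trace in the post.
SAMPLE = """\
conn=2 op=0 BIND dn="cn=admin,dc=ariane,dc=com" method=128
conn=2 op=0 RESULT tag=97 err=0 text=
conn=3 op=0 BIND dn="uid=mlapompe,ou=salaries,dc=ariane,dc=com" method=128
=> acl_get: [1] attr userPassword
<= check a_dn_pat: self
<= acl_mask: no more <who> clauses, returning =0 (stop)
=> access_allowed: auth access denied by =0
conn=3 op=0 RESULT tag=97 err=49 text=
conn=4 op=0 BIND dn="uid=jdoe,ou=salaries,dc=ariane,dc=com" method=128
=> acl_get: [1] attr userPassword
=> access_allowed: auth access granted by auth(=xd)
conn=4 op=0 RESULT tag=97 err=49 text=
"""

BIND = re.compile(r'^conn=(\d+) op=(\d+) BIND dn="([^"]*)" method=128')
RESULT = re.compile(r'^conn=(\d+) op=(\d+) RESULT tag=97 err=(\d+)')
ACL_ATTR = re.compile(r'^=> acl_get: \[\d+\] attr (\S+)')
WHO = re.compile(r'^<= check a_dn_pat: (\S+)')
AUTH = re.compile(r'access_allowed: auth access (granted|denied)')

def classify_binds(log_text):
    """Return one record per simple bind that ended with err=49."""
    pending, findings = None, []
    for line in log_text.splitlines():
        line = line.strip()
        if m := BIND.match(line):
            # Start collecting the ACL evaluation that belongs to this bind.
            pending = {"conn": int(m[1]), "dn": m[3], "attr": None,
                       "who": [], "auth": None}
        elif pending is None:
            continue
        elif m := ACL_ATTR.match(line):
            pending["attr"] = m[1]
        elif m := WHO.match(line):
            pending["who"].append(m[1])      # <who> clauses that were tested
        elif m := AUTH.search(line):
            pending["auth"] = m[1]
        elif (m := RESULT.match(line)) and int(m[1]) == pending["conn"]:
            if m[3] == "49":
                denied = pending["auth"] == "denied"
                pending["cause"] = "acl-denied-auth" if denied else "other"
                findings.append(pending)
            pending = None
    return findings
```

An "acl-denied-auth" record means slapd returned 49 after the access check on the listed attribute was refused; the "who" list shows which clauses were tried before the rule stopped.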