[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: why '{SSHA}***' method is "Invalid credentials (49)"?

To: "Rocky Zhou" <chowroc.z+l@gmail.com>
Subject: Re: why '{SSHA}***' method is "Invalid credentials (49)"?
From: "matthew sporleder" <msporleder@gmail.com>
Date: Tue, 3 Apr 2007 11:50:57 -0400
Cc: openldap-software@openldap.org
Content-disposition: inline
In-reply-to: <7847e5160704030313x280e4833w6048dbd4fa6ced5e@mail.gmail.com>
References: <7847e5160704030313x280e4833w6048dbd4fa6ced5e@mail.gmail.com>

On 4/3/07, Rocky Zhou <chowroc.z+l@gmail.com> wrote:

Now I'm making the openldap and Kerberos working together, I have a question
about the password the ldap used. The configuration file
/usr/local/etc/openldap/slapd.conf has these lines:
# rootpw                secret
rootpw          {SSHA}n+R5iqJRHTiaosqPJVx03NF+bIStW6pQ
while the second line is generated by slappasswd, I tried to use:
sh$ ldapadd -x -h localhost -D "cn=ldapadmin,dc=shoepx,dc=org" -f
passwd.ldif -w '{SSHA}n+R5iqJRHTiaosqPJVx03NF+bIStW6pQ'
to import accounts info into the database, but it reports:
ldap_bind: Invalid credentials (49)

If I use:
rootpw                secret
sh$ ldapadd -x -h localhost -D "cn=ldapadmin,dc=shoepx,dc=org" -f
passwd.ldif -w 'secret', it works.

So why does the '{SSHA}' method failed?

I think you should use ldapadd -w secret instead.

References:
- why '{SSHA}***' method is "Invalid credentials (49)"?
  - From: "Rocky Zhou" <chowroc.z+l@gmail.com>

Prev by Date: Re: err=52
Next by Date: Re: make test question
Index(es):
- Chronological
- Thread