[Date Prev][Date Next] [Chronological] [Thread] [Top]

password problems

Hi,

I can not figure out why my AIX box does not want to authenticate with my ldap 
server.  I think I have a problem with the ldap setup so I can only bind to 
ldap with anonymous bind or with olcRoot.

Checking password for cn=admin,dc=axi,dc=intra (my LDAP manager account):
root@ldap1:/etc # ldapsearch -Y EXTERNAL -H ldapi:/// -b 
cn=admin,dc=axi,dc=intra
SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
# extended LDIF
#
# LDAPv3
# base <cn=admin,dc=axi,dc=intra> with scope subtree
# filter: (objectclass=*)
# requesting: ALL
#

# admin, axi.intra
dn: cn=admin,dc=axi,dc=intra
cn: admin
objectClass: simpleSecurityObject
objectClass: organizationalRole
description: LDAP administrator
userPassword:: e1NTSEF9UkJXSitCZy92V2ZLNlJ5Rzdwa1pvOStpQUh5aSt4NG0=

# search result
search: 2
result: 0 Success

# numResponses: 2
# numEntries: 1


Changing password:
root@ldap1:/etc # ldappasswd -Y EXTERNAL -H ldapi:/// -s secret 
cn=admin,dc=axi,dc=intra
SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0


Checking that the password is changed:
root@ldap1:/etc # ldapsearch -Y EXTERNAL -H ldapi:/// -b 
cn=admin,dc=axi,dc=intra
SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
# extended LDIF
#
# LDAPv3
# base <cn=admin,dc=axi,dc=intra> with scope subtree
# filter: (objectclass=*)
# requesting: ALL
#

# admin, axi.intra
dn: cn=admin,dc=axi,dc=intra
cn: admin
objectClass: simpleSecurityObject
objectClass: organizationalRole
description: LDAP administrator
userPassword:: e1NTSEF9TnBIK0hBN2JpWEczb0FSU1YwQm5HWmZSVll3S0NaTms=

# search result
search: 2
result: 0 Success

# numResponses: 2
# numEntries: 1


Using the password:
root@ldap1:/etc # ldapsearch -D "cn=admin,dc=axi,dc=intra" -w secret
ldap_bind: Invalid credentials (49)

So I change the password but I can not use it ?


Stef

______________________________________________________________________
This email has been scanned by the MessageLabs Email Security System.
For more information please visit http://www.messagelabs.com/email 
______________________________________________________________________