
Binding to openldap fails



Hello,


I have OpenLDAP running on Ubuntu 12.04. I use it as a central directory for
authentication as well as a contact list.

Authentication with LDAP works - locally and remotely. Also authentication
via samba (run on same server as OpenLDAP) works.

However, while setting up the mail system (dovecot + postfix) I encountered a
problem new to me. When I try to bind as a "normal" user (here: bjoern) to
LDAP, it fails with wrong credentials. I can assure you that I did not mistype
the password (tried multiple times). Login to the Linux system and samba
with the same credentials (i.e. bjoern and his password) works.

Here is the part of syslog I expect to be the cause:

Jun 17 19:36:45 server slapd[23241]: <<< dnPrettyNormal: <cn=bjoern,ou=Users,dc=domain,dc=my>, <cn=bjoern,ou=users,dc=domain,dc=my>
Jun 17 19:36:45 server slapd[23241]: conn=1003 op=0 BIND dn="cn=bjoern,ou=Users,dc=domain,dc=my" method=128
Jun 17 19:36:45 server slapd[23241]: do_bind: version=3 dn="cn=bjoern,ou=Users,dc=domain,dc=my" method=128
Jun 17 19:36:45 server slapd[23241]:
Jun 17 19:36:45 server slapd[23241]: ==> hdb_bind: dn: cn=bjoern,ou=Users,dc=domain,dc=my
Jun 17 19:36:45 server slapd[23241]: bdb_dn2entry("cn=bjoern,ou=users,dc=domain,dc=my")
Jun 17 19:36:45 server slapd[23241]: daemon: epoll: listen=8 active_threads=0 tvp=zero
Jun 17 19:36:45 server slapd[23241]: => hdb_dn2id("cn=bjoern,ou=users,dc=domain,dc=my")
Jun 17 19:36:45 server slapd[23241]: daemon: epoll: listen=9 active_threads=0 tvp=zero
Jun 17 19:36:45 server slapd[23241]: daemon: epoll: listen=10 active_threads=0 tvp=zero
Jun 17 19:36:45 server slapd[23241]: daemon: epoll: listen=11 active_threads=0 tvp=zero
Jun 17 19:36:45 server slapd[23241]: <= hdb_dn2id: get failed: DB_NOTFOUND: No matching key/data pair found (-30987)
Jun 17 19:36:45 server slapd[23241]: send_ldap_result: conn=1003 op=0 p=3
Jun 17 19:36:45 server slapd[23241]: send_ldap_result: err=49 matched="" text=""
Jun 17 19:36:45 server slapd[23241]: send_ldap_response: msgid=1 tag=97 err=49


As I configure OpenLDAP "old school" with slapd.conf, here is the ACL set in
slapd.conf:

access to attrs=userPassword,shadowLastChange,sambaLMPassword,sambaNTPassword
        by anonymous auth
        by self write
        by * none
access to * by dn="cn=root,dc=domain,dc=my" write by * read
access to dn.base="" by * read


Googling for the above "DB_NOTFOUND", the only hint I could find was wrong
file permissions. As I have set up my system for quick backup / restore, I
gave it a try and did "chmod -R 777 /" and also disabled apparmor. Yet,
there was no difference in the error message.


Could you please give me any indication for a solution?


Mit freundlichen Grüßen / Kind regards

Bjoern Wuest
 
 
Hausener Strasse 6a
82269 Geltendorf
Mobile: +49 1522 8777840
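
Added example, not part of the original message: in the log above, err=49 is returned right after hdb_dn2id reports DB_NOTFOUND for the bind DN, so the failed step is the lookup of the DN itself. The Python sketch below separates that case from other err=49 results; the function name, the conn=1004 lines and the assumption that one operation's lines are contiguous are constructed for illustration.

```python
import re

# conn=1003: lines rejoined from the syslog excerpt in the message above.
# conn=1004: constructed for contrast (err=49 with no failed DN lookup).
SAMPLE = """\
Jun 17 19:36:45 server slapd[23241]: conn=1003 op=0 BIND dn="cn=bjoern,ou=Users,dc=domain,dc=my" method=128
Jun 17 19:36:45 server slapd[23241]: => hdb_dn2id("cn=bjoern,ou=users,dc=domain,dc=my")
Jun 17 19:36:45 server slapd[23241]: <= hdb_dn2id: get failed: DB_NOTFOUND: No matching key/data pair found (-30987)
Jun 17 19:36:45 server slapd[23241]: send_ldap_result: conn=1003 op=0 p=3
Jun 17 19:36:45 server slapd[23241]: send_ldap_result: err=49 matched="" text=""
Jun 17 19:37:02 server slapd[23241]: conn=1004 op=0 BIND dn="cn=alice,ou=Users,dc=domain,dc=my" method=128
Jun 17 19:37:02 server slapd[23241]: send_ldap_result: conn=1004 op=0 p=3
Jun 17 19:37:02 server slapd[23241]: send_ldap_result: err=49 matched="" text=""
"""

BIND = re.compile(r'conn=(\d+) op=(\d+) BIND dn="([^"]*)" method=(\d+)')
NOTFOUND = re.compile(r'<= [hb]db_dn2id: get failed: DB_NOTFOUND')
RESULT = re.compile(r'send_ldap_result: err=(\d+)')

def triage_binds(log_text):
    """Return one dict per BIND with its result code and, for err=49,
    whether a failed DN lookup preceded it. Assumption: the lines of one
    operation are not interleaved with another operation's lines."""
    binds, current = [], None
    for line in log_text.splitlines():
        m = BIND.search(line)
        if m:
            current = {"conn": int(m.group(1)), "dn": m.group(3),
                       "dn_missing": False, "err": None, "cause": None}
            binds.append(current)
            continue
        if current is None:
            continue
        if NOTFOUND.search(line):
            current["dn_missing"] = True   # the bind DN has no entry in the backend
        m = RESULT.search(line)
        if m:
            current["err"] = int(m.group(1))
            if current["err"] == 49:
                current["cause"] = ("bind DN not in database" if current["dn_missing"]
                                    else "DN lookup did not fail")
            current = None                 # this bind operation is finished
    return binds

if __name__ == "__main__":
    for b in triage_binds(SAMPLE):
        print(b)
```

For a DN flagged as missing, comparing it against the DNs actually stored (for example the output of `slapcat`) shows whether the client is binding with the right DN.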