(ITS#8367) Unable to authenticate to AD when OpenLDAP 2.4 is set up in SASL mode

Full_Name: Ravi
Version: OpenLDAP 2.4
OS: RedHat Linux 6
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (

We have OpenLDAP 2.3 running on Linux. It is set up in SASL mode authenticating
against multiple ADs. Everything works fine here.

We recently installed a new instance of OpenLDAP 2.4 running on RedHat Linux 6.
Then, we moved the slapd.conf and slapd-meta.conf files to the new instance, and
created the required users.

When we run testsaslauthd, we are successfully able to authenticate against the
appropriate AD that the user is under. 

But we are not able to bind to the OpenLDAP by using the same credentials. I get
an Invalid credentials err 49, which indicates either credentials are incorrect,
which in this case it's not, or the bind info is incorrect.

testsaslauthd -u ravi@SONEPAR -p secret - WORKS

ldapsearch -x -D uid=ravi,ou=People,ou=company,dc=inside,dc=devserver,dc=com -w

results in: ldap_bind: Invalid credentials (49)

I have searched across many forums, compared the set up on the OpenLDAP 2.3 and
OpenLDAP 2.4 instances and cannot find any differences.

Any suggestions on how to debug this are appreciated!