[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Auth failing!



Hi.

Are your server Linuxes by any chance ? From the PIDs, I can see you're running
multi-thread. OpenLDAP 1.2.11 is not designed to work with Linux threads. I had
problems with authentication until I found that out and recompiled single
threaded.

Cthulhu wrote:
> 
> We are using old OpenLDAP 1.2.11 for authentication purpose.
> 
> Some user are recognized, others give that result in log file:
> 
> Nov 22 11:00:35 myldapserver slapd[7600]: conn=4 fd=10 connection
>         from localhost (127.0.0.1) accepted.
> Nov 22 11:00:35 myldapserver slapd[7811]: conn=4 op=0 BIND
>         dn="CN=FIORI RAFFAELLA (R.FIORI),OU=EMPLOYEE,OU=PEOPLE,O=MYFARM,C=IT"
>         method=128
> Nov 22 11:00:35 myldapserver slapd[7811]: conn=4 op=0 RESULT err=49
>         tag=97 nentries=0
> Nov 22 11:00:35 myldapserver slapd[7600]: conn=4 op=-1 fd=10 closed
>         errno=0
> Nov 22 11:00:42 myldapserver slapd[7812]: conn=1 op=2 UNBIND
> Nov 22 11:00:42 myldapserver slapd[7600]: conn=1 op=-1 fd=7 closed
>         errno=0
> 
> In this example, I'm using
> 
>         ldapadd -D "CN=FIORI RAFFAELLA (R.FIORI),OU=EMPLOYEE,OU=PEOPLE,O=MYFARM,C=IT" -W
> 
> which respond with "ldap_bind: Invalid credentials".
> I'm *REALLY* sure I'm using the right password and the right DN.
> We have tried even with plain ASCII password in the directory.
> 
> Someone can use its password, someone can't. Why? :?
> 
>         failingly,
>            Cthulhu
> 
> --
>    Ph'nglui mglw'nafh Cthulhu http://www.rlyeh.it/ wgah'nagl fhtgan!
>                          <f.sileno@agora.it>

-- 
Patrick Timmons, service informatique