[Date Prev][Date Next] [Chronological] [Thread] [Top]

Invalid credentials/password errors

To: <openldap-software@OpenLDAP.org>
Subject: Invalid credentials/password errors
From: a.brinkman@avades.nl (Alexander Brinkman)
Date: Wed, 28 Feb 2001 12:21:19 +0100
Importance: Normal

Hello all,

I have installed openldap version 2.0.7. I've set up an example ldap
directory, en converted my password/group files to it. This went fine (I
think). When I want to connect anonymously everything works fine. But when I
want to connect to the LDAP directory using a username/password, it failes
with an error 49 (invalid credentials). From what I have found out, I
susspect it has something to do with decrypting the password, but I'm not
sure.
Included is a debug output from my LDAP server.

You'll see that I want to connect as uid=eon,ou=People,dc=sprinter,dc=org.
The LDAP server can find this user, and the password attribute
(userPassword). It even says "access_allowed: auth access granted by auth
(=x)" after this. However, the LDAP server sends an error 49 back to the
client.
Am I doing something wrong here? Does anyone know a solution?

TIA,
	Alexander.

DEBUG OUTPUT:
Feb 28 12:04:25 eon slapd[4536]: daemon: select: listen=6 active_threads=0
tvp=NULL
Feb 28 12:06:25 eon slapd[4536]: daemon: activity on 1 descriptors
Feb 28 12:06:25 eon slapd[4536]: daemon: new connection on 9
Feb 28 12:06:25 eon slapd[4536]: daemon: conn=2 fd=9 connection from
IP=194.151.8.70:2145 (IP=0.0.0.0:389) accepted.
Feb 28 12:06:25 eon slapd[4536]: daemon: added 9r
Feb 28 12:06:25 eon slapd[4536]: daemon: activity on:
Feb 28 12:06:25 eon slapd[4536]:
Feb 28 12:06:25 eon slapd[4536]: daemon: select: listen=6 active_threads=0
tvp=NULL
Feb 28 12:06:25 eon slapd[4536]: daemon: activity on 1 descriptors
Feb 28 12:06:25 eon slapd[4536]: daemon: activity on:
Feb 28 12:06:25 eon slapd[4536]:  9r
Feb 28 12:06:25 eon slapd[4536]:
Feb 28 12:06:25 eon slapd[4536]: daemon: read activity on 9
Feb 28 12:06:25 eon slapd[4536]: connection_get(9)
Feb 28 12:06:25 eon slapd[4536]: connection_get(9): got connid=2
Feb 28 12:06:25 eon slapd[4536]: connection_read(9): checking for input on
id=2
Feb 28 12:06:25 eon slapd[4536]: do_bind
Feb 28 12:06:25 eon slapd[4536]: do_bind: version=2
dn="uid=eon,ou=People,dc=sprinter,dc=org" method=128
Feb 28 12:06:25 eon slapd[4536]: conn=2 op=0 BIND
dn="UID=EON,OU=PEOPLE,DC=SPRINTER,DC=ORG" method=128
Feb 28 12:06:25 eon slapd[4536]: ==> ldbm_back_bind: dn:
uid=eon,ou=People,dc=sprinter,dc=org
Feb 28 12:06:25 eon slapd[4536]: dn2entry_r: dn:
"UID=EON,OU=PEOPLE,DC=SPRINTER,DC=ORG"
Feb 28 12:06:25 eon slapd[4536]: => dn2id(
"UID=EON,OU=PEOPLE,DC=SPRINTER,DC=ORG" )
Feb 28 12:06:25 eon slapd[4536]: => ldbm_cache_open(
"/var/lib/ldap/dn2id.gdbm", 34, 600 )
Feb 28 12:06:26 eon slapd[4536]: <= ldbm_cache_open (cache 0)
Feb 28 12:06:26 eon slapd[4536]: <= dn2id 116
Feb 28 12:06:26 eon slapd[4536]: => id2entry_r( 116 )
Feb 28 12:06:26 eon slapd[4536]: => ldbm_cache_open(
"/var/lib/ldap/id2entry.gdbm", 34, 600 )
Feb 28 12:06:26 eon slapd[4536]: <= ldbm_cache_open (cache 1)
Feb 28 12:06:26 eon slapd[4536]: => str2entry
Feb 28 12:06:26 eon slapd[4536]: <=
str2entry(uid=eon,ou=People,dc=sprinter,dc=org) -> -1 (0x81120a0)
Feb 28 12:06:26 eon slapd[4536]: entry_rdwr_rlock: ID: 116
Feb 28 12:06:26 eon slapd[4536]: <= id2entry_r( 116 ) 0x81120a0 (disk)
Feb 28 12:06:26 eon slapd[4536]: => access_allowed: auth access to
"uid=eon,ou=People,dc=sprinter,dc=org" "userPassword" requested
Feb 28 12:06:26 eon slapd[4536]: => acl_get: [1] check attr userPassword
Feb 28 12:06:26 eon slapd[4536]: <= acl_get: [1] acl
uid=eon,ou=People,dc=sprinter,dc=org attr: userPassword
Feb 28 12:06:26 eon slapd[4536]: => acl_mask: access to entry
"uid=eon,ou=People,dc=sprinter,dc=org", attr "userPassword" requested
Feb 28 12:06:26 eon slapd[4536]: => acl_mask: to all values by "", (=n)
Feb 28 12:06:27 eon slapd[4536]: <= check a_dn_pat: self
Feb 28 12:06:27 eon slapd[4536]: <= check a_dn_pat: anonymous
Feb 28 12:06:27 eon slapd[4536]: <= acl_mask: [2] applying auth (=x) (stop)
Feb 28 12:06:27 eon slapd[4536]: <= acl_mask: [2] mask: auth (=x)
Feb 28 12:06:27 eon slapd[4536]: => access_allowed: auth access granted by
auth (=x)
Feb 28 12:06:27 eon slapd[4536]: send_ldap_result: conn=2 op=0 p=2
Feb 28 12:06:27 eon slapd[4536]: send_ldap_result: 49::
Feb 28 12:06:27 eon slapd[4536]: send_ldap_response: msgid=1 tag=97 err=49
Feb 28 12:06:27 eon slapd[4536]: conn=2 op=0 RESULT tag=97 err=49 text=
Feb 28 12:06:27 eon slapd[4536]: entry_rdwr_runlock: ID: 116
Feb 28 12:06:27 eon slapd[4536]: ====> cache_return_entry_r( 116 ): created
(0)
Feb 28 12:06:27 eon slapd[4536]: ber_get_next on fd 9 failed errno=11
(Resource temporarily unavailable)
Feb 28 12:06:27 eon slapd[4536]: daemon: select: listen=6 active_threads=0
tvp=NULL

Follow-Ups:
- RE: Invalid credentials/password errors
  - From: a.brinkman@avades.nl (Alexander Brinkman)

Prev by Date: Re: search not working
Next by Date: RE: Invalid credentials/password errors
Index(es):
- Chronological
- Thread