[Date Prev][Date Next] [Chronological] [Thread] [Top]

Invalid credentials: solved (finally!)

To: openldap-software@OpenLDAP.org
Subject: Invalid credentials: solved (finally!)
From: Mathew Hennessy <hennessy@netomat.net>
Date: Mon, 30 Sep 2002 11:28:57 -0400
User-agent: Mozilla/4.78 [en] (X11; U; Linux 2.4.19-pre8-mjc2 i686)

Hi, Just a headsup in case someone has the same problem (and hoping this gets archived into google).. I had an issue where folks could not do user binds for authentication via crypt passwords, where we'd get 'Invalid credentials' errors when using ldap tools (ldapsearch, ldapmodify, etc), but other tools and software (samba, mozilla, etc) would work properly. As it turns out, we use a scripted web interface to change passwords in order to maintain samba ntPassword and lmPassword entries (we use samba as a PDC as well), which would run smbpasswd with a password script that would mangle the ldap entry's userPassword via ldapmodify. This script uses a really long salt and ldapmodify, and the crypted passwds coming out of it would be quite long (maybe 2x as long as ldappasswd-created passwds), so I changed the script to use a very basic 2-char salt, and things have started working!

Cheers,
- Matt

Prev by Date: Re: Mysql as a backend for LDAP
Next by Date: Re: Bind failure as admin
Index(es):
- Chronological
- Thread