
Re: confused: after PADL migration, can only search as Manager?

Mon, 2003-01-20 at 20:39, Brian K. Jones wrote:

> Here's what I'm getting:
>  > ldapsearch -L -W -D "uid=jonesy,ou=People,dc=my,dc=domain,dc=com" 'uid=jonesy' -x
> ldap_bind: Invalid credentials (49)
>  >

> However, if I use "cn=Manager,dc=my,dc=domain,dc=com" everything is fine
> - using all of the same flags and everything.  

> How does LDAP check if you're a valid user?  Does it not use the
> password that's in the user's entry in the directory itself?  The
> authentication stuff is really cloudy for me right now, so excuse my
> ignorance.  

It uses the dn. From your example, I'd guess you are using cn for the
first dn rdn, with uid as a complementary attribute. slapd will not
verify the node this way. If you use the uid instead of cn in the dn, it
will. But to my mind, this is not a Good Idea, nor does it agree with
the relevant RFC(s) (haven't the number in my head, but they're all
packed with the OpenLDAP tar distros).




Tony Earnshaw

When all's said and done ...
there's nothing left to say or do.

e-mail:		tonni@billy.demon.nl
www:		http://www.billy.demon.nl
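
The check discussed in this thread, as an added example that is not part of either poster's message: a simple bind authenticates against the entry named by the bind DN, so the script below looks up the real DN of the entry that carries the uid (in LDIF obtained as Manager) and compares it with the DN passed to `-D`. The sample LDIF, the `cn=Brian K. Jones` naming and the function names are constructed assumptions.

```shell
#!/bin/sh
# Constructed sample: LDIF from a search run as Manager, for example
#   ldapsearch -x -LLL -W -D "cn=Manager,dc=my,dc=domain,dc=com" \
#       -b "dc=my,dc=domain,dc=com" '(uid=jonesy)' dn uid cn
# Assumed layout: the entry is named by cn; uid is an ordinary attribute.
SAMPLE_LDIF='dn: cn=Brian K. Jones,ou=People,dc=my,dc=domain,
 dc=com
uid: jonesy
cn: Brian K. Jones
'

# Print the DN of every entry on stdin whose uid equals $1.
# Unfolds LDIF continuation lines (leading space); base64 "dn::" is not decoded.
entry_dn_for_uid() {
    awk -v want="$1" '
        function handle(line) {
            if (line == "") {                       # blank line ends an entry
                if (hit && dn != "") print dn
                dn = ""; hit = 0; return
            }
            if (tolower(substr(line, 1, 4)) == "dn: ") dn = substr(line, 5)
            if (tolower(line) == "uid: " tolower(want)) hit = 1
        }
        /^ / { buf = buf substr($0, 2); next }      # folded continuation
        { handle(buf); buf = $0 }
        END { handle(buf); handle("") }
    '
}

# Simplified DN comparison form: lower-case, no spaces around "," and "=".
# Escaped commas inside values are not handled.
normalize_dn() {
    printf '%s\n' "$1" | tr '[:upper:]' '[:lower:]' | sed 's/ *, */,/g; s/ *= */=/g'
}

# check_bind_dn BIND_DN UID  (LDIF on stdin)
# 0: BIND_DN names the entry, 1: it does not, 2: no entry has that uid.
check_bind_dn() {
    actual=$(entry_dn_for_uid "$2")
    [ -n "$actual" ] || { echo "no entry with uid=$2"; return 2; }
    if [ "$(normalize_dn "$1")" = "$(normalize_dn "$actual")" ]; then
        echo "bind DN names the entry: $actual"; return 0
    fi
    echo "bind DN is not the entry's DN; use -D \"$actual\""; return 1
}

printf '%s' "$SAMPLE_LDIF" |
    check_bind_dn "uid=jonesy,ou=People,dc=my,dc=domain,dc=com" jonesy || true
```

Against a live directory, pipe the output of the Manager search shown in the first comment into `check_bind_dn` instead of the sample.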