[Date Prev][Date Next] [Chronological] [Thread] [Top]

ugh. Can't get OpenLDAP to auth users - only Manager.

To: ldap list <openldap-software@OpenLDAP.org>
Subject: ugh. Can't get OpenLDAP to auth users - only Manager.
From: "Brian K. Jones" <jonesy@CS.Princeton.EDU>
Date: 22 Jan 2003 12:13:32 -0500
Organization: Princeton University, Dept. of Computer Science

Hi,

I'm just getting started with OpenLDAP, and I must be a raging moron,
because I don't see others having the issues I am, and oddly, I haven't
seen this really addressed in all of my reading.  I'm following very
simple instructions, and it doesn't work.

I simply want the ability to perform an ldapsearch, as someone other
than 'Manager', using a password.  So here's an example command I'm
using:

ldapsearch -x -b 'ou=People,dc=my,dc=domain,dc=com' "(objectclass=*)" -h
ldap.my.domain.com -W -D 'uid=jonesy,ou=People,dc=my,dc=domain,dc=com'

I've tried multiple variations on the above, changing the base to the
basedn didn't work and is what I usually try first.

This returns 'ldap_bind: Invalid credentials'.  

Here's my entry in the ldif output when I do an ldapsearch as 'Manager'

dn: uid=jonesy,ou=People,dc=my,dc=domain,dc=com
uid: jonesy
cn: Brian K. Jones
objectClass: account
objectClass: posixAccount
objectClass: top
userPassword:: e2NyeXB0fU9ORW (It's a hash - I improvised)
loginShell: /bin/bash
uidNumber: 3025
gidNumber: 34
homeDirectory: /home/jonesy
gecos: Brian K. Jones

So my password is in there, and I know my password at least!  However,
LDAP doesn't like me or something :-o  

Here's my slapd.conf:
========================================
include         /opt/local/etc/openldap/schema/core.schema
include         /opt/local/etc/openldap/schema/cosine.schema
include         /opt/local/etc/openldap/schema/inetorgperson.schema
include         /opt/local/etc/openldap/schema/nis.schema
include         /opt/local/etc/openldap/schema/misc.schema

pidfile         /opt/local/var/slapd.pid
argsfile        /opt/local/var/slapd.args

access to *
        by * read
        by anonymous auth
        by users read

loglevel 256
#######################################################################
# ldbm database definitions
#######################################################################

database        bdb
suffix          "dc=my,dc=domain,dc=com"
rootdn          "cn=Manager,dc=my,dc=domain,dc=com"
rootpw          {SSHA}OY68bOv
directory       /opt/local/var/openldap-data
index   objectClass     eq
====================================================

And here's my openldap/ldap.conf
====================================================
HOST    ldap.my.domain.com
BASE    dc=my,dc=domain,dc=com
====================================================

What is it that I've forgotten to do?
Thanks for your patience.
brian

Follow-Ups:
- Re: ugh. Can't get OpenLDAP to auth users - only Manager.
  - From: Hallvard B Furuseth <h.b.furuseth@usit.uio.no>

Prev by Date: Re: How can I lock a record using php-ldap?
Next by Date: RE: How can I lock a record using php-ldap?
Index(es):
- Chronological
- Thread