Re: I'm have a problem w/userPasswords and binding

["Pierangelo Masarati" <ando@sys-net.it>]

> I used ldappasswd to change a user password, but ldapsearch will not
> accept
> the credentials (error: ldap_bind: Invalid credentials).  I'm using the
> same
> password, SHA encrypted, as my personal password, and yet I can bind with
> my
> credentials but not with this other user.  The pricipal differences are
> that
> this other user is a special user that the mail system will use to bind
> and
> this special user has only two object classes, "top" and
> "linfieldSpecialUser" which is a custom class that allows only "cn", "ou"
> and
> "userPassword"
>
> Is there something else I need to do to enable this special user to bind?

Rob,

"Invalid credentials" is a catchall for almost any error during bind, to
avoid disclosing sensitive info (e.g. the user does not exist, or other
details about the account) to malicious clients.  I suggest you look at
server logs at a reasonable level (at worst, -d -1; -d 256 (STATS) or -d
384 (STATS+ACL) should be a good starting point) to find out more about
the real reason of your failure.

You don't say what versions of server and client you're using, so further
advise is not possible.

p.

-- 
Pierangelo Masarati
mailto:pierangelo.masarati@sys-net.it


    SysNet - via Dossi,8 27100 Pavia Tel: +390382573859 Fax: +390382476497