[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: I'm have a problem w/userPasswords and binding



ACL problem?  What about the access anonymous has to both entries
userPassword?  You can check it by adding 128 to your log level.

p.

>
> --On Friday, October 08, 2004 09:19:31 AM +0200 Pierangelo Masarati
> <ando@sys-net.it> wrote:
>  >
>> Rob,
>>
>> "Invalid credentials" is a catchall for almost any error during bind,
> to
>> avoid disclosing sensitive info (e.g. the user does not exist, or
> other
>> details about the account) to malicious clients.  I suggest you look
> at
>> server logs at a reasonable level (at worst, -d -1; -d 256 (STATS) or
> -d
>> 384 (STATS+ACL) should be a good starting point) to find out more
> about
>> the real reason of your failure.
>>
>> You don't say what versions of server and client you're using, so
> further
>> advise is not possible.
>>
>> p.
>>
>> --
>> Pierangelo Masarati
>> mailto:pierangelo.masarati@sys-net.it
>>
>>
>>
>>     SysNet - via Dossi,8 27100 Pavia Tel: +390382573859 Fax:
> +390382476497
>>
>>
>
> Pierangelo,
>  Also, here is the antry for the DN that can't successfully bind (yes,
> I did replace the password a
> string of Xs -- other than that, this is the unmodified output from
> ldapsearch):
>
> # extended LDIF
> #
> # LDAPv3
> # base <o=linfield.edu> with scope sub
> # filter: cn=postfix
> # requesting: ALL
> #
>
> # Postfix, Special Users, linfield.edu
> dn: cn=Postfix,ou=Special Users,o=linfield.edu
> objectClass: top
> objectClass: linfieldSpecialUser
> cn: Postfix
> ou: Special Users
> userPassword:: XXXXXXXXXXXXXXXXXXXXXXXXXXXX
>
> # search result
> search: 2
> result: 0 Success
>
> # numResponses: 2
> # numEntries: 1
>
>
> Thanks,
> Rob
>
> --
> Rob Tanner
> UNIX Services Manager
> Linfield College, McMinnville OR
>


-- 
Pierangelo Masarati
mailto:pierangelo.masarati@sys-net.it


    SysNet - via Dossi,8 27100 Pavia Tel: +390382573859 Fax: +390382476497