[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Single User Authentication

To: Alexander Hartner <alex@j2anywhere.com>
Subject: Re: Single User Authentication
From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
Date: Mon, 06 Feb 2006 21:45:08 -0800
Cc: Pierangelo Masarati <ando@sys-net.it>, openldap-software@OpenLDAP.org
In-reply-to: <B49816BA-AEA2-4453-A9B6-C4408C2EAE7B@j2anywhere.com>
References: <E71B114F-1494-4DCB-9196-2E22A01F73CC@j2anywhere.com> <1139262113.3358.47.camel@ando> <B49816BA-AEA2-4453-A9B6-C4408C2EAE7B@j2anywhere.com>

At 03:44 PM 2/6/2006, Alexander Hartner wrote:
>I now changed it to :
>
>access to dn.subtree="ou=people,o=j2anywhere,c=com"
>  by dn.one="cn=addressbook,o=j2anywhere,c=com" write
>  by * auth
>
>Yet I still get either error. Am I correct in assuming that because I  
>used a MD5 hashed password that I can savely ignore the -x flag.

No.

>To  
>be honest i am not sure which is the correct error. I think that the  
>second error message is the right one as I am not correctly  
>authentication (without the -x) in the first one. If you have any  
>further information please let me know.
>
>bumblebee ~ # ldapsearch -D "cn=addressbook,o=j2anywhere,c=com"  -w  
>password -x  -v -h 192.168.0.3
>ldap_initialize( ldap://192.168.0.3 )
>ldap_bind: Invalid credentials (49)

This error is discussed in the FAQ:
   http://www.openldap.org/faq/index.cgi?file=231 

>bumblebee ~ # ldapsearch -D "cn=addressbook,o=j2anywhere,c=com"  -w  
>password -v -h 192.168.0.3
>ldap_initialize( ldap://192.168.0.3 )
>ldap_sasl_interactive_bind_s: No such object (32)
>bumblebee ~ #

This error is discussed in the FAQ:
   http://www.openldap.org/faq/index.cgi?file=576


>Thanks
>Alex
>
>
>On 6 Feb 2006, at 21:41, Pierangelo Masarati wrote:
>
>>On Mon, 2006-02-06 at 21:15 +0000, Alexander Hartner wrote:
>>>I am trying to configure a single user on my directly which has
>>>access to a sub tree. So I added the following to my slapd.conf
>>>
>>>access to dn.subtree="ou=people,o=j2anywhere,c=com"
>>>  by dn.one="cn=addressbook,o=j2anywhere,c=com" write
>>
>>add a "by * auth" as the last <by> clause of your ACL; or add  
>>"access to
>>attrs=userPassword by * auth" as your first rule.
>>
>>p.
>>
>>
>>
>>
>>Ing. Pierangelo Masarati
>>Responsabile Open Solution
>>OpenLDAP Core Team
>>
>>SysNet s.n.c.
>>Via Dossi, 8 - 27100 Pavia - ITALIA
>>http://www.sys-net.it
>>------------------------------------------
>>Office:   +39.02.23998309
>>Mobile:   +39.333.4963172
>>Email:    pierangelo.masarati@sys-net.it
>>------------------------------------------
>

References:
- Single User Authentication
  - From: Alexander Hartner <alex@j2anywhere.com>
- Re: Single User Authentication
  - From: Pierangelo Masarati <ando@sys-net.it>
- Re: Single User Authentication
  - From: Alexander Hartner <alex@j2anywhere.com>

Prev by Date: Re: requirements for accessing schema in DIT
Next by Date: AW: LDAP 2.3.17 won't compile on Solaris 8 -- Openssl problem
Index(es):
- Chronological
- Thread