[Date Prev][Date Next] [Chronological] [Thread] [Top]

why '{SSHA}***' method is "Invalid credentials (49)"?

Now I'm making the openldap and Kerberos working together, I have a question about the password the ldap used. The configuration file /usr/local/etc/openldap/slapd.conf has these lines:
# rootpw                secret
rootpw          {SSHA}n+R5iqJRHTiaosqPJVx03NF+bIStW6pQ
while the second line is generated by slappasswd, I tried to use:
sh$ ldapadd -x -h localhost -D "cn=ldapadmin,dc=shoepx,dc=org" -f passwd.ldif -w '{SSHA}n+R5iqJRHTiaosqPJVx03NF+bIStW6pQ'
to import accounts info into the database, but it reports:
ldap_bind: Invalid credentials (49)

If I use:
rootpw                secret
ldapadd -x -h localhost -D "cn=ldapadmin,dc=shoepx,dc=org" -f passwd.ldif -w 'secret', it works.

So why does the '{SSHA}' method failed?