[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: why '{SSHA}***' method is "Invalid credentials (49)"?

On 4/3/07, Rocky Zhou <chowroc.z+l@gmail.com> wrote:
Now I'm making the openldap and Kerberos working together, I have a question
about the password the ldap used. The configuration file
/usr/local/etc/openldap/slapd.conf has these lines:
# rootpw                secret
rootpw          {SSHA}n+R5iqJRHTiaosqPJVx03NF+bIStW6pQ
while the second line is generated by slappasswd, I tried to use:
sh$ ldapadd -x -h localhost -D "cn=ldapadmin,dc=shoepx,dc=org" -f
passwd.ldif -w '{SSHA}n+R5iqJRHTiaosqPJVx03NF+bIStW6pQ'
to import accounts info into the database, but it reports:
ldap_bind: Invalid credentials (49)

If I use:
rootpw                secret
sh$ ldapadd -x -h localhost -D "cn=ldapadmin,dc=shoepx,dc=org" -f
passwd.ldif -w 'secret', it works.

So why does the '{SSHA}' method failed?

I think you should use ldapadd -w secret instead.