[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Invalid Credentials (49)

On 7/13/07, Ron Parker <sysop@scbbs.com> wrote:
I have created a bdb database using openldap on a RH Linux server with
basically the default configuration.

I'm able to log in with an LDAP client using the root dn and password:
"cn=Manager, dc=example, dc=com" (using "example.com" here instead of my
actual domain)

I've created an Organizational Unit called "Zimbra", and under Zimbra, I
have inetOrgPerson "Ron"

organizationalUnit = Zimbra
inetOrgPerson = Ron

Using ldapmodify (logging in as rootdn) I gave inetOrgPerson Ron a
password (userPassword)

In slapd.conf, I've given Ron access to write to the Zimbra ou:

access to dn.base="ou=Zimbra,dc=example,dc=com"
by dn="cn=Ron,ou=Zimbra,dc=example,dc=com" write

When I then use the following settings to log in as Ron using an LDAP
client, I get "Invalid Credentials (49)" error:

Host: example.com
Port: 389
Protocol: LDAP v3
DSML Service:
Base DN: ou=Zimbra,dc=example,dc=com
Level: User+Password
User DN: cn=Ron,ou=Zimbra,dc=example,dc=com
Password: <the password I set for inetOrgPerson Ron in userPassword field>

I thought this might have been an issue with my LDAP client, so I also
tried logging in locally on the server, using only ldapsearch:

ldapsearch -v -H "ldap://example.com"; -D
'cn=Ron,ou=Zimbra,dc=example,dc=com' -W -x -b 'ou=Zimbra,dc=example,dc=com'

And still get same error. Again, I can log in using rootdn (i.e.,
"Manger"), but not as any other user.

Can someone point out to me what I'm missing? Thanks so much for any

Can you show the ldif you used to add this user and the output of a
search for him?