Re: Unable to run ldapsearch

Enter LDAP Password:
daemon: activity on 1 descriptor
daemon: activity on: 11r
daemon: read activity on 11
daemon: select: listen=7 active_threads=0 tvp=NULL
connection_get(11)
connection_get(11): got connid=3
connection_read(11): checking for input on id=3
ber_get_next
ldap_read: want=8, got=8
0000: 30 2d 02 01 02 60 28 02                            0-...`(.
ldap_read: want=39, got=39
0000: 01 03 04 19 6f 75 3d 50 65 6f 70 6c 65 2c 64 63   ....ou=People,dc
0010: 3d 6d 79 6f 72 67 2c 64 63 3d 63 6f 6d 80 08 64   =myorg,dc=com..d
0020: 32 65 6b 77 32 6e 67                               password
ber_get_next: tag 0x30 len 45 contents:
ber_dump: buf=2ee5e0 ptr=2ee5e0 end=2ee60d len=45
0000: 02 01 02 60 28 02 01 03 04 19 6f 75 3d 50 65 6f   ...`(.....ou=Peo
0010: 70 6c 65 2c 64 63 3d 6d 79 6f 72 67 2c 64 63 3d   ple,dc=myorg,dc=
0020: 63 6f 6d 80 08 64 32 65 6b 77 32 6e 67            com..password
ber_get_next
ldap_read: want=8 error=Resource temporarily unavailable
conn=3 op=1 do_bind
daemon: activity on 1 descriptor
ber_scanf fmt ({imt) ber:
ber_dump: buf=2ee5e0 ptr=2ee5e3 end=2ee60d len=42
0000: 60 28 02 01 03 04 19 6f 75 3d 50 65 6f 70 6c 65   `(.....ou=People
0010: 2c 64 63 3d 6d 79 6f 72 67 2c 64 63 3d 63 6f 6d   ,dc=myorg,dc=com
0020: 80 08 64 32 65 6b 77 32 6e 67                     ..password
ber_scanf fmt (m}) ber:
daemon: waked
ber_dump: buf=2ee5e0 ptr=2ee603 end=2ee60d len=10
0000: 00 08 64 32 65 6b 77 32 6e 67                     ..password
>>> dnPrettyNormal: <ou=People,dc=myorg,dc=com>
=> ldap_bv2dn(ou=People,dc=myorg,dc=com,0)
<= ldap_bv2dn(ou=People,dc=myorg,dc=com)=0
daemon: select: listen=7 active_threads=0 tvp=NULL
=> ldap_dn2bv(272)
<= ldap_dn2bv(ou=People,dc=myorg,dc=com)=0
=> ldap_dn2bv(272)
<= ldap_dn2bv(ou=people,dc=myorg,dc=com)=0
<<< dnPrettyNormal: <ou=People,dc=myorg,dc=com>, <ou=people,dc=myorg,dc=com>
conn=3 op=1 BIND dn="ou=People,dc=myorg,dc=com" method=128
do_bind: version=3 dn="ou=People,dc=myorg,dc=com" method=128
==> bdb_bind: dn: ou=People,dc=myorg,dc=com
bdb_dn2entry("ou=people,dc=myorg,dc=com")
send_ldap_result: conn=3 op=1 p=3
send_ldap_result: err=49 matched="" text=""
send_ldap_response: msgid=2 tag=97 err=49
ber_flush2: 14 bytes to sd 11
0000: 30 0c 02 01 02 61 07 0a 01 31 04 00 04 00         0....a...1....
ldap_write: want=14, written=14
0000: 30 0c 02 01 02 61 07 0a 01 31 04 00 04 00         0....a...1....
conn=3 op=1 RESULT tag=97 err=49 text=
ldap_bind: Invalid credentials (49)
daemon: activity on 1 descriptor
daemon: activity on: 11r
daemon: read activity on 11
daemon: select: listen=7 active_threads=0 tvp=NULL
connection_get(11)
connection_get(11): got connid=3
connection_read(11): checking for input on id=3
ber_get_next
ldap_read: want=8, got=0

On Wed, Mar 19, 2008 at 4:07 AM, Buchan Milne <bgmilne@staff.telkomsa.net> wrote:

On Tuesday 18 March 2008 17:59:16 Kevin Kim wrote:
> I also did
>
> $ /opt/bin/ldapadd -Z -x -W -D "cn=Manager,dc=myorg,dc=com" -v -f
> person.ldif

[...]

> $ /opt/bin/ldapsearch -x -W -D "uid=testuser,ou=People,dc=myorg,dc=com"
> "(objectclass=*)"
> Enter LDAP Password:
> ldap_bind: Confidentiality required (13)
> additional info: TLS confidentiality required

This one seems quite obvious to me, but you use -Z on your ldapadd, but not on
your ldapsearch, while you have slapd configured to require transport
security. Surely it is obvious you should use -Z with the ldapsearch?

Regarding ldapwhoami, did you read the man page, or the --help output? It
takes similar options to ldapsearch, and you didn't provide any (while you
need to for "simple" binds).

Regards,
Buchan