[Date Prev][Date Next]
Re: Unable to run ldapsearch
This is output for ldapsearch, I am not sure it's much different from the previous post.
=> access_allowed: auth access to "uid=testuser,ou=People,dc=myorg,dc=com" "userPassword" requested
=> acl_get:  attr userPassword
=> slap_access_allowed: result not in cache (userPassword)
=> acl_mask: access to entry "uid=testuser,ou=People,dc=myorg,dc=com", attr "userPassword" requested
=> acl_mask: to value by "", (=0)
<= check a_dn_pat: *
<= acl_mask:  applying write(=wrscxd) (stop)
<= acl_mask:  mask: write(=wrscxd)
=> slap_access_allowed: auth access granted by write(=wrscxd)
=> access_allowed: auth access granted by write(=wrscxd)
send_ldap_result: conn=0 op=1 p=3
send_ldap_result: err=49 matched="" text=""
send_ldap_response: msgid=2 tag=97 err=49
Here is my ACL now:
access to attrs=userPassword
by * write
by * read
access to *
by * read
This is my LDAP build options:
./configure --prefix=/opt --enable-bdb --enable-crypt --enable-spasswd --with-threads --with-tls --with-cyrus-sasl --without-kerberos --disable-ipv6 --enable-slurpd --enable-cleartext --enable-wrappers
I am not sure this info will help anything :
LDFLAGS=-L/opt/lib -L/usr/local/BerkeleyDB.4.6/lib -L/opt/ssl/lib -L/opt/lib/sasl2 -L/usr/lib -R/opt/ssl/lib -R/opt/lib/sasl -L/usr/local/ssl/lib
CPPFLAGS=-I/opt/lib -I/opt/ssl/include -I/usr/local/BerkeleyDB.4.6/include -I/opt/include/sasl
On Wed, Mar 19, 2008 at 10:23 AM, Buchan Milne <email@example.com
On Wednesday 19 March 2008 15:40:13 Kevin Kim wrote:Generally, debugging at the client side is not useful if you know exactly what
> I did same option as ldapadd, but I am not getting any output.
> /opt/bin/ldapsearch -Z -x -W -D "ou=People,dc=myorg,dc=com"
> Enter LDAP Password:
the client was trying, the error:
> ldap_bind: Invalid credentials (49)
So, to me it looks like ou=People,dc=myorg,dc=com does not have the password
you think it does, or the access controls to userPassword are too strict, or
the password hash you are using is not supported by your build.
At this point it's probably best asking how you compiled slapd (what configure
options, what linker flags you used).