[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: do_bind: invalid dn

To: Dan Burkland <dburklan@NMDP.ORG>, openldap-software@openldap.org
Subject: Re: do_bind: invalid dn
From: Joshua Lim <joshua__lim@hotmail.com>
Date: Wed, 19 May 2010 22:26:10 +0800
In-reply-to: <864520E139D6854083B6143334E76A000361CF53B6@EXCH07MB01.NMDP.ORG>
References: <mailman.0.1273084619.6404.openldap-software@openldap.org> <BLU0-SMTP708F3D7CD750090642C432ADF40@phx.gbl> <201005062157.31069.bgmilne@staff.telkomsa.net> <BLU0-SMTP98E66E18E0345ECD239F80ADF90@phx.gbl> <BLU0-SMTP3259C418F11F0761BE1D3CADE00@phx.gbl> <864520E139D6854083B6143334E76A000361CF53B6@EXCH07MB01.NMDP.ORG>
User-agent: Thunderbird 2.0.0.14 (Windows/20080421)

Dan Burkland wrote:

-----Original Message-----
From: openldap-software-bounces+dburklan=nmdp.org@OpenLDAP.org [mailto:openldap-software-bounces+dburklan=nmdp.org@OpenLDAP.org] On Behalf Of Joshua Lim
Sent: Monday, May 17, 2010 12:21 PM
To: openldap-software@openldap.org
Subject: Re: do_bind: invalid dn

Any thoughts? I tried the following, entered the correct password'password' and got:ldap_bind: Invalid credentials (49)

ldapsearch -x -D cn=wael,dc=click,dc=com -h localhost -W -b ''namingContexts



Log shows:

slap_listener_activate(2):
 >>> slap_listener(ldap://JOSHUAPC:389)
connection_get(10): got connid=0
connection_read(10): checking for input on id=0
ber_get_next
ber_get_next: tag 0x30 len 47 contents:
op tag 0x60, time 1273506428
ber_get_next
conn=0 op=0 do_bind
ber_scanf fmt ({imt) ber:
ber_scanf fmt (m}) ber:
 >>> dnPrettyNormal: <cn=wael,dc=click,dc=com>
<<< dnPrettyNormal: <cn=wael,dc=click,dc=com>, <cn=wael,dc=click,dc=com>
do_bind: version=3 dn="cn=wael,dc=click,dc=com" method=128
send_ldap_result: conn=0 op=0 p=3
send_ldap_response: msgid=1 tag=97 err=49
ber_flush2: 22 bytes to sd 2140
connection_get(10): got connid=0
connection_read(10): checking for input on id=0
ber_get_next
ber_get_next on fd 10 failed errno=0 (unknown WSA error)
connection_close: conn=0 sd=10


My slapd.conf (i basically used the default, only suffix, rootdn and
rootpw is changed):
********************************
database    bdb
suffix        "dc=click,dc=com"
rootdn        "cn=wael,dc=click,dc=com"
# Cleartext passwords, especially for the rootdn, should
# be avoid.  See slappasswd(8) and slapd.conf(5) for details.
# Use of strong authentication encouraged.
rootpw        password
# The database directory MUST exist prior to running slapd AND
# should only be accessible by the slapd and slap tools.
# Mode 700 recommended.
directory ./data
dirtyread
searchstack 20
# Indices to maintain
index mail pres,eq
index objectclass pres
index default eq,sub
index sn eq,sub,subinitial
index telephonenumber
index cn
--------------------------------------------------------------------------

I may be wrong but I believe your rootpw value needs to be a hash value. Use slappasswd to generate one and then replace password with it. Restart the service and let me know if you experience the same issue.

Regards,

Dan


Thanks Dan, yes, that was the reason.  :)

References:
- do_bind: invalid dn
  - From: Joshua Lim <joshua__lim@hotmail.com>
- Re: do_bind: invalid dn
  - From: Buchan Milne <bgmilne@staff.telkomsa.net>
- Re: do_bind: invalid dn
  - From: Joshua Lim <joshua__lim@hotmail.com>
- Re: do_bind: invalid dn
  - From: Joshua Lim <joshua__lim@hotmail.com>

Prev by Date: Re: cn=config and DB_CONFIG
Next by Date: Re: cn=config and DB_CONFIG
Index(es):
- Chronological
- Thread