[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ldapsearch for accont object class

To: openldap-technical@openldap.org
Subject: Re: ldapsearch for accont object class
From: "Dieter Kluenter" <dieter@dkluenter.de>
Date: Thu, 21 Feb 2008 08:42:50 +0100
In-reply-to: <862880.34717.qm@web37302.mail.mud.yahoo.com> (Hamidreza Hamedtoolloei's message of "Wed, 20 Feb 2008 18:10:10 -0800 (PST)")
References: <862880.34717.qm@web37302.mail.mud.yahoo.com>
User-agent: Gnus/5.1008 (Gnus v5.10.8) XEmacs/21.5-b28 (linux)

Hamidreza Hamedtoolloei <hamedtoolloei@yahoo.com> writes:

> Dear Dieter ,
> Thanks for your response. I am using LDAP as a centrtal authentication unit,
> and migrated all the linux accounts to ldap via some migration tools.
> currently authentication for linux users work fine i.e. "su sriram then
> inputing the password" doesnt complain, but when I want to bind to ldap using
> a user DN (ex ldapsearch "uid=sriram,ou=People,dc=ibm,dc=com" -W -x) I get the
> Invalid credentials (49) error. I added  password-hash   {CRYPR} to my
> slapd.config file, however, it prevented the server from running.
>
> the other entry, "cn=fratbrother,ou=People,dc=ibm,dc=com", I added manually.
> Although the hashing method is SSHA, when I add password-hash   {MD5} to my
> slapd.config, I still can successfully bind. I dont know why this is
> happening... since the password-hash method has changed, I expect to get the
> Invalid credentials error... any ideas?

I presume that your crypt hashed passwords have ben created with a
diferent libcrypt than slapd and ldaptools have been compiled with.
See
http://www.openldap.org/faq/data/cache/1041.html


-Dieter

-- 
Dieter Klünter | Systemberatung
http://www.dkluenter.de
GPG Key ID:8EF7B6C6

References:
- Re: ldapsearch for accont object class
  - From: Hamidreza Hamedtoolloei <hamedtoolloei@yahoo.com>

Prev by Date: Re: TLS LDAP Configuration w/Linux 5.0
Next by Date: Re: TLS LDAP Configuration w/Linux 5.0
Index(es):
- Chronological
- Thread