[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ldap_bind: Invalid credentials (49)

To: Emmanuel Lecharny <elecharny@apache.org>
Subject: Re: ldap_bind: Invalid credentials (49)
From: "J. Bakshi" <joydeep@infoservices.in>
Date: Tue, 16 Jun 2009 13:00:01 +0530
Cc: openldap-technical@openldap.org
In-reply-to: <4A373F5E.9080708@nextury.com>
References: <4A373D13.8000707@infoservices.in> <4A373F5E.9080708@nextury.com>
User-agent: Thunderbird 2.0.0.19 (X11/20081227)

Emmanuel Lecharny wrote:
> J. Bakshi wrote:
>> Hello list,
>>
>> Here is a very typical problem. I have already done some googling but I
>> am more confused now.  I like to query a user information with his own
>> id and password.
>>
>> When I do this as cn=Manager the there is no problem
>>
>> ````````````````````````````````````````
>> ldapsearch -h 127.0.0.1 -b "ou=people,dc=example,dc=com" -x
>> "(&(objectclass=inetOrgPerson)(cn=test2))" uid  -D
>> "cn=Manager,dc=example,dc=com" -W
>> Enter LDAP Password:
>>
>> # extended LDIF
>> #
>> # LDAPv3
>> # base <ou=people,dc=example,dc=com> with scope subtree
>> # filter: (&(objectclass=inetOrgPerson)(cn=test2))
>> # requesting: uid
>> #
>>
>> # test2, people, example.com
>> dn: cn=test2,ou=people,dc=example,dc=com
>> uid: rbilly
>>
>> # search result
>> search: 2
>> result: 0 Success
>>
>> # numResponses: 2
>> # numEntries: 1
>> ```````````````````````````````````````````````````````````````````
>>
>> Now if I search with the user credential the problem starts
>>
>> ``````````````````````````````````````````````````````
>> ldapsearch -h 127.0.0.1 -b "ou=people,dc=example,dc=com" -x
>> "(&(objectclass=inetOrgPerson)(cn=test2))" uid  -D
>> "uid=rbilly,ou=people,dc=example,dc=com" -W
>> Enter LDAP Password:
>>
>> ldap_bind: Invalid credentials (49)
>>
>> ````````````````````````````````````````````````
>>
>> I have typed the correct password and repeated the above command a no.
>> of times. But the same error.
>>
>> why  Invalid credentials ?
>>   
>
> Why is the base DN ("uid=rbilly,ou=people,dc=example,dc=com") in your
> second requestdifferent from the first request (
> "cn=test2,ou=people,dc=example,dc=com") ?
>


Hello Emmanuel,

Thanks for the great oneliner tip !!

The API which is doing the search is making the DN as    
("uid=rbilly,ou=people,dc=example,dc=com") and to debug it I also
executed the command manually based on the same DN.   But your kind
suggestion has clarified everything. I  have created some users and this
time I have inserted so that  the DN starts with uid  and I got success.

millions of thanks.

``````````````````````````````````````````````````

Follow-Ups:
- Re: ldap_bind: Invalid credentials (49)
  - From: Buchan Milne <bgmilne@staff.telkomsa.net>

References:
- ldap_bind: Invalid credentials (49)
  - From: "J. Bakshi" <joydeep@infoservices.in>
- Re: ldap_bind: Invalid credentials (49)
  - From: Emmanuel Lecharny <elecharny@apache.org>

Prev by Date: Re: ldap_bind: Invalid credentials (49)
Next by Date: Check ppolicy
Index(es):
- Chronological
- Thread