[Date Prev][Date Next]
Re: ldap_bind: Invalid credentials (49)
On Tuesday 16 June 2009 09:30:01 J. Bakshi wrote:
> Emmanuel Lecharny wrote:
> Thanks for the great oneliner tip !!
> The API which is doing the search is making the DN as
> ("uid=rbilly,ou=people,dc=example,dc=com") and to debug it I also
> executed the command manually based on the same DN. But your kind
> suggestion has clarified everything. I have created some users and this
> time I have inserted so that the DN starts with uid and I got success.
Note that most likely your application is broken, assuming that the DN can be
constructed from a suffix and a username is not a good idea. The application
should search for an entry that has a matching value for the "username"
attribute is using, and bind as the resulting DN. This would allow the RDN to
differ from the username attribute.