
Re: Secret not in database



Hi Michael,

Surprisingly, I had to remove the cn=synamatixdev.com in the authz-regexp statement below; only then could it match and look for the admin id I created with saslpasswd -c

authz-regexp uid=(.*),cn=digest-md5,cn=auth cn=Manager,dc=synamatixdev,dc=com

However, when I tried to add my users using LDIF format, I encountered some problems.

First, it's the schema issue. When I included the inetorgperson schema, it kept throwing messages about certain audio, homePhone objectClass structural objects not existing. So I removed all those objects LDAP complained about and managed to start my slapd.

After that, I tried to add my user with the LDIF below:

dn: ou=people,dc=synamatixdev,dc=com
ou: people
objectClass: organizationalunit
objectClass: inetorgperson

dn: uid=user1,ou=people,dc=synamatixdev,dc=com
uid: user1
cn: Mary
cn: Mary Terry
objectClass: inetorgperson
objectClass: account
objectClass: top
objectClass: shadowAccount
sn: Terry
userPassword: user123

I received the error message below when I tried to add it with slapadd:
str2entry: invalid value for attributeType objectClass #1 (syntax 1.3.6.1.4.1.1466.115.121.1.38)
I am not very sure about the objectClass values allowed in OpenLDAP 2.3.27. Why does it say there's an invalid value for attributeType? Please help, thanks!

2009/8/6 Michael Ströder <michael@stroeder.com>
Seau Yeen Su wrote:
>
> I have successfully installed cyrus-sasl-2.1.23 and openldap-2.3.27 plus
> BerkeleyDB.4.3 in my RHEL5.2 server. After the installation, I used
> saslpasswd2 -c to create an admin user:
>
> saslpasswd2 -c admin

Do you actually have an entry with (uid=admin) in your LDAP server?

> After that, I thought of doing a search on the database with the command :
> ldapsearch -H ldap:///localhost -Y DIGEST-MD5 -d 2 -U admin
> but it returned an error of :
> ldap_sasl_interactive_bind_s: Invalid credentials (49)
>         additional info: SASL(-13): user not found: no secret in database
>
> When I did a check on /etc/, the sasldb2 file is there. I do not know
> and understand why it cannot find this user. Did I miss out anything?
> Below is an excerpt from my slapd.conf file:
>
> password-hash {CLEARTEXT}
> authz-regexp uid=(.*),cn=synabase-dev5.synamatixdev.com,cn=DIGEST-MD5,cn=auth
>     ldap:///dc=synamatixdev,dc=com??sub?uid=$1
> authz-regexp uid=(.*),cn=synabase-dev5.synamatixdev.com,cn=DIGEST-MD5,cn=auth uid=$1

You don't need /etc/sasldb2 if you want to use authz-regexp. Simply create an
LDAP entry below your search root dc=synamatixdev,dc=com with attribute
uid set to admin and userPassword set in clear-text.

Ciao, Michael.

--
Michael Ströder
E-Mail: michael@stroeder.com
http://www.stroeder.com



--
Warmest Regards,
Seau Yeen
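
An added example, not part of the thread or of OpenLDAP's code: a small Python model of how the authz-regexp rules quoted above are tried against the SASL authentication DN, showing why the realm-qualified rules did not match a bind that sent no realm. It assumes slapd's documented DN form uid=<user>[,cn=<realm>],cn=<mech>,cn=auth and unanchored, case-insensitive matching; the function names and NARROW_RULE are hypothetical.

```python
import re

def sasl_auth_dn(user, mech, realm=None):
    """Authentication request DN slapd builds for a SASL bind:
    uid=<user>[,cn=<realm>],cn=<mech>,cn=auth (cn=<realm> only if a realm is supplied)."""
    rdns = ["uid=" + user]
    if realm:
        rdns.append("cn=" + realm)
    rdns += ["cn=" + mech, "cn=auth"]
    return ",".join(rdns).lower()  # simplification of slapd's DN normalization

def map_identity(auth_dn, rules):
    """First matching rule wins; $1..$9 in the replacement expand to capture groups.
    Returns None when no rule matches (the bind identity is then not mapped)."""
    for pattern, replacement in rules:
        m = re.search(pattern, auth_dn, re.IGNORECASE)  # unanchored, case-insensitive
        if m:
            return re.sub(r"\$(\d)", lambda g: m.group(int(g.group(1))), replacement)
    return None

# Rules as quoted from slapd.conf in the thread (realm component required).
ORIGINAL_RULES = [
    (r"uid=(.*),cn=synabase-dev5.synamatixdev.com,cn=DIGEST-MD5,cn=auth",
     "ldap:///dc=synamatixdev,dc=com??sub?uid=$1"),
    (r"uid=(.*),cn=synabase-dev5.synamatixdev.com,cn=DIGEST-MD5,cn=auth", "uid=$1"),
]
# Rule the poster ended up with (no realm component).
WORKING_RULE = [(r"uid=(.*),cn=digest-md5,cn=auth", "cn=Manager,dc=synamatixdev,dc=com")]
# Hypothetical narrower rule (not from the thread): only uid=admin maps to Manager.
NARROW_RULE = [(r"^uid=admin,cn=digest-md5,cn=auth$", "cn=Manager,dc=synamatixdev,dc=com")]

if __name__ == "__main__":
    for user in ("admin", "user1"):  # constructed sample binds, no realm sent
        dn = sasl_auth_dn(user, "DIGEST-MD5")
        print(dn)
        for name, rules in (("original", ORIGINAL_RULES), ("working", WORKING_RULE),
                            ("narrow", NARROW_RULE)):
            print("  %-8s -> %s" % (name, map_identity(dn, rules)))
```

In this model the rule without the realm maps every DIGEST-MD5 uid, not only admin, to cn=Manager; the narrower rule limits that mapping to the one intended identity.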