[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Cannot authenticate with user/password


This has been covered before.

Google: DB_CONFIG Expect poor performance

It's just Berkeley DB complaining that there's no DB_CONFIG file...  Harmless.

- chris

Chris Jacobs, Systems Administrator
Apollo Group  |  Apollo Marketing | Aptimus
2001 6th Ave Ste 3200 | Seattle, WA 98121
phone: 206.441.9100 x1245 | mobile: 206.601.3256 | fax: 206.441.9661
email: chris.jacobs@apollogrp.edu

----- Original Message -----
From: openldap-technical-bounces@OpenLDAP.org <openldap-technical-bounces@OpenLDAP.org>
To: Jonathan Clarke <jonathan@phillipoux.net>
Cc: stybla@turnovfree.net <stybla@turnovfree.net>; rahul.manchanda@bt.com <rahul.manchanda@bt.com>; openldap-technical@openldap.org <openldap-technical@openldap.org>
Sent: Mon Jul 12 07:30:36 2010
Subject: Re: Cannot authenticate with user/password

Thanks guys!

Now when I start slapd, I do not understand the output:
@(#) $OpenLDAP: slapd 2.4.22 (Jun  9 2010 08:15:30) $
Backend ACL: access to *
         by self write
         by users read
         by anonymous auth

Backend ACL: access to *
         by * none

config_back_db_open: line 0: warning: cannot assess the validity of the
ACL scope within backend naming context
bdb_db_open: warning - no DB_CONFIG file found in directory
/shibidp/LDAP/var/data: (2).
Expect poor performance for suffix "dc=ldap,dc=mimas,dc=ac,dc=uk".
bdb_monitor_db_open: monitoring disabled; configure monitor database to
slapd starting

Jonathan Clarke wrote:
> On Mon, 12 Jul 2010 14:13:27 +0100, Nicholas Syrotiuk
> <syrotiuk@manchester.ac.uk> wrote:
>> Dear OpenLDAP users,
>> We have downloaded OpenLDAP 2.4.22 from Sunfreeware.com and installed
>> it.  We have successfully imported the LDAP data from another server.
>> We are using the *simple* authentication method.
>> I can authenticate as rootdn but not as a user.  Is there something
>> wrong with my access control list:
>> -----------------------
>> access to *
>>      by self write
>>      by users read
>>      by anonymous none
>> -------------------------
>> I have tried running slapd with debugging switched on but could not
>> diagnose the problem.
>> Any ideas on how to troubleshoot this?
> Troubleshooting ACLs is greatly made easier by using "loglevel acl" in
> slapd.conf or "-d acl" on the command line.
> In this case, you need to allow anonymous users auth privileges so that
> they can authenticate. See
> http://www.openldap.org/doc/admin24/access-control.html#The%20access%20to%20grant
> for details.
> Regards,
> Jonathan

N Syrotiuk | Mimas | University of Manchester | Manchester  M13 9PL

This message is private and confidential. If you have received it in error, please notify the sender and remove it from your system.