[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: unable to perform authenticated binds

Thanks all.. I have read the man of ldif.... your advice has gotten me
quite far both in my current implementation and in my overall
understanding of LDAP which I am hoping grows with each passing day.

 In my attempt to build my current directory, I have taken a dump of
my last successful implementation (which was created on FreeBSD 8.1)
and substituted values for the dc=company and dc=com values with the
correct ones for the current directory (attempting to implement under
CentOS 5.4) and even tho the correct schemas are in place it is
choking on this entry:

# defaults, sudoers, Services, acadaca.com
dn: cn=defaults,ou=sudoers,ou=Services,dc=acadaca,dc=net
objectClass: top
objectClass: sudoRole
cn: defaults
description: Default sudoOption's go here

And again I should have all the schemas in place to make this work...

include         /etc/openldap/schema/core.schema
include         /etc/openldap/schema/cosine.schema
include         /etc/openldap/schema/inetorgperson.schema
include         /etc/openldap/schema/nis.schema
include         /etc/openldap/schema/misc.schema
inlcude         /etc/openldap/schema/sudoers.schema
include         /etc/openldap/schema/openldap.schema

Why this ldif will work in one directory but not another is a mystery
at this point..

thanks again

On Wed, Nov 3, 2010 at 9:43 PM, Howard Chu <hyc@symas.com> wrote:
> Quanah Gibson-Mount wrote:
>> --On Wednesday, November 03, 2010 6:09 PM -0400 Tim Dunphy
>> <bluethundr@gmail.com>  wrote:
>>> holy crap!! it was the extra colon that killed it! found it, fixed
>>> it.. man oh man sorry for the intrusion!
>> Yeah, :: on userPassword means it is base-64 encoded already, and clearly
>> that bit of LDIF was not base-64 encoded. ;)
> And again, stuff like this is clearly documented in the ldif(5) manpage...
> --
>  -- Howard Chu
>  CTO, Symas Corp.           http://www.symas.com
>  Director, Highland Sun     http://highlandsun.com/hyc/
>  Chief Architect, OpenLDAP  http://www.openldap.org/project/

Here's my RSA Public key:
gpg --keyserver pgp.mit.edu --recv-keys 5A4873A9

Share and enjoy!!