[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: unable to perform authenticated binds

To: openldap-technical@openldap.org
Subject: Re: unable to perform authenticated binds
From: Tim Dunphy <bluethundr@gmail.com>
Date: Thu, 4 Nov 2010 15:37:53 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:received:in-reply-to :references:date:message-id:subject:from:to:content-type :content-transfer-encoding; bh=n6mYE2a13tukzeyOPbN69kO0oDAONWwuzeZAp7OAxnA=; b=BUSl1DquNhUfs8n2gB3/ELTiR2qft+Yh2SxtmUPqYpuQ6GUT/eqZistqiJEE5oXgLL AAsk4CYdfeJnL5Zgl8O8dvFdaHIn8c3Oz97bMbYfElVHXN3US/g5XLxWfW2gKaJYH3C1 /x+dLBQmXjlkRF4jtXpW5pOrxoZnwTDjM5hqY=
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type:content-transfer-encoding; b=hppX5cdVgi+WgwXIT5debapJCubh5P4u3DEBZyETisFpDDsUe497Lg2LB/z72GKWJ6 yJrFRPwqWRWMkzDiwLgE//sqb3BMYcdrFVGPJ+vBTQiZzJguf2H+3ua/3WXhobGJwujb 0syCDXy9iVALEvYUXmPcz5j9zIYRABrkXT+b0=
In-reply-to: <4CD20FA6.4090104@symas.com>
References: <6C447584419BFE4E83D46E88F813148644B24A09B0@EXCH07-05.apollogrp.edu> <C707F62D290D86791B34D08F@192.168.1.17> <AANLkTi=9WP0hZ5+o47GqkNcdhMZqbCic9-aFB6peUJcJ@mail.gmail.com> <AANLkTi=6hCcBLrs_nQnOERphQtkS=cva72x=FfuDGkOQ@mail.gmail.com> <12B926CE65E9311D1234E794@192.168.1.17> <4CD20FA6.4090104@symas.com>

Thanks all.. I have read the man of ldif.... your advice has gotten me
quite far both in my current implementation and in my overall
understanding of LDAP which I am hoping grows with each passing day.

 In my attempt to build my current directory, I have taken a dump of
my last successful implementation (which was created on FreeBSD 8.1)
and substituted values for the dc=company and dc=com values with the
correct ones for the current directory (attempting to implement under
CentOS 5.4) and even tho the correct schemas are in place it is
choking on this entry:

# defaults, sudoers, Services, acadaca.com
dn: cn=defaults,ou=sudoers,ou=Services,dc=acadaca,dc=net
objectClass: top
objectClass: sudoRole
cn: defaults
description: Default sudoOption's go here


And again I should have all the schemas in place to make this work...


include         /etc/openldap/schema/core.schema
include         /etc/openldap/schema/cosine.schema
include         /etc/openldap/schema/inetorgperson.schema
include         /etc/openldap/schema/nis.schema
include         /etc/openldap/schema/misc.schema
inlcude         /etc/openldap/schema/sudoers.schema
include         /etc/openldap/schema/openldap.schema


Why this ldif will work in one directory but not another is a mystery
at this point..

thanks again






On Wed, Nov 3, 2010 at 9:43 PM, Howard Chu <hyc@symas.com> wrote:
> Quanah Gibson-Mount wrote:
>>
>> --On Wednesday, November 03, 2010 6:09 PM -0400 Tim Dunphy
>> <bluethundr@gmail.com>  wrote:
>>
>>> holy crap!! it was the extra colon that killed it! found it, fixed
>>> it.. man oh man sorry for the intrusion!
>>
>> Yeah, :: on userPassword means it is base-64 encoded already, and clearly
>> that bit of LDIF was not base-64 encoded. ;)
>
> And again, stuff like this is clearly documented in the ldif(5) manpage...
>
> --
>  -- Howard Chu
>  CTO, Symas Corp.           http://www.symas.com
>  Director, Highland Sun     http://highlandsun.com/hyc/
>  Chief Architect, OpenLDAP  http://www.openldap.org/project/
>



-- 
Here's my RSA Public key:
gpg --keyserver pgp.mit.edu --recv-keys 5A4873A9

Share and enjoy!!

Follow-Ups:
- Re: unable to perform authenticated binds
  - From: Quanah Gibson-Mount <quanah@zimbra.com>

References:
- Re: unable to perform authenticated binds
  - From: Chris Jacobs <Chris.Jacobs@apollogrp.edu>
- Re: unable to perform authenticated binds
  - From: Tim Dunphy <bluethundr@gmail.com>
- Re: unable to perform authenticated binds
  - From: Tim Dunphy <bluethundr@gmail.com>
- Re: unable to perform authenticated binds
  - From: Howard Chu <hyc@symas.com>

Prev by Date: RE: pwdChangedTime: and system timestamp
Next by Date: Re: unable to perform authenticated binds
Index(es):
- Chronological
- Thread