[Date Prev][Date Next]
Re: Possible ACL Issue while try to read Root DSE
-----BEGIN PGP SIGNED MESSAGE-----
On 11/28/2011 09:34 PM, Axel Birndt wrote:
> Hi @All,
> i'am new on this list and i have a question.
> While i'am using the tool web2ldap from Michael Stroeder and try to
> create a new entry with this tool.
> I'am using openldap with cn=config backend on ubuntu 10.04
> Michael mentioned it could be a acl problem, because his tool couldn't
> read the Root DSE
> If i specify the search base and the adminuser i could see the content
> of the Tree root.
> ldapsearch -b "dc=2axels-company,dc=de" -s base 'objectclass=*' -h
> localhost -D cn=admin,dc=2axels-company,dc=de -W
> But if i use ldapsearch with the following command i got nothing:
> ldapsearch -b "" -s base 'objectclass=*'
> ldap_sasl_interactive_bind_s: No such object (32)
Make sure you check your ldap.conf or explicitly say you require a
simple bind using the "-x" command line switch. What you're receiving
seems more like a bind failure (after which the client bails) than a
ldapsearch -x -D "" -s base -b "" -h localhost
If this does not print the RootDSE or returns anything other than a
success, your server ACL or other settings are most likely misconfigured.
> Could you help me please to identify if there is a problem with reading
> the Root DSE?
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
-----END PGP SIGNATURE-----
This e-mail and any attachment is for authorised use by the intended recipient(s) only. It may contain proprietary material, confidential information and/or be subject to legal privilege. It should not be copied, disclosed to, retained or used by, any other party. If you are not an intended recipient then please promptly delete this e-mail and any attachment and all copies and inform the sender. Thank you.