
Re: Invalid Credentials when using ldappasswd



Hi all,

This was indeed a problem among other things. I was able to solve all
the issues with the big help of the Freenode (irc.freenode.net)
#openldap guys. IRC can be a really good interactive help source.

Thanks guys.

Regards,
Matej


2012/9/25 Dan White <dwhite@olp.net>:
> On 09/25/12 16:50 +0200, Matej Mailing wrote:
>>
>> Hi all,
>>
>> I have installed OpenLDAP utilities on Ubuntu 12.04 via apt-get
>> install. I have version 2.4.28-1.1ubuntu4 installed. I can connect
>> successfully to the LDAP via phpldapadmin with login
>> cn=admin,dc=mydomain,dc=net and my administrator password.
>>
>> I want to create an administrator for the SOGo login with the
>> following ldif file:
>> "dn: ou=accounts,dc=domain,dc=net
>> objectClass: organizationalUnit
>> ou: accounts
>>
>> dn: uid=adminsogo,ou=accounts,dc=domain,dc=net
>> objectClass: top
>> objectClass: inetOrgPerson
>> objectClass: person
>> objectClass: organizationalPerson
>> uid: adminsogo
>> cn: SOGo Administrator
>> mail: sogo@domain.net
>> sn: Administrator
>> givenName: SOGAdmin
>> "
>>
>> When running ldapadd -f admin.ldif -x -W -D cn=admin,dc=domain,dc=net
>> and after entering the administrator password (the same I use to
>> log-in into phpldapadmin), I get:
>> "adding new entry "ou=accounts,dc=domain,dc=net"
>>
>> adding new entry "uid=sogadmin,ou=accounts,dc=domain,dc=net"
>> I assume that everything is OK at this point.
>>
>> The problem is when I enter:
>> ldappasswd -h localhost -x -W -D
>> cn=admin,dc=domain,dc=net,uid=sogadmin,ou=accounts,dc=domain,dc=net -s
>> newpass
>
>
> Your specified DN looks suspect. Your '-D' parameter should specify a DN
> which has permissions to change the password for your new user. Instead, it
> looks like you've joined the two DNs together. See the manpage for
> ldappasswd.
>
> Alternatively, you could specify a userPassword when you create the user,
> and then bind as that user to change its own password (assuming that it has
> permissions to change its own password).
>
>
>> I have to enter the LDAP password and I enter my administrator
>> password, but always get the output:
>> "ldap_bind: Invalid credentials (49)"
>>
>> When doing
>> "ldapsearch -x -h localhost -b "dc=domain,dc=net" -s sub "objectclass=*""
>> I can see that an object sogadmin is created:
>> ".....
>> dn: uid=adminsogo,ou=accounts,dc=domain,dc=net
>> objectClass: top
>> objectClass: inetOrgPerson
>> objectClass: person
>> objectClass: organizationalPerson
>> uid: adminsogo
>> cn: SOGo Administrator
>> mail: sogo@domain.net
>> sn: Administrator
>> givenName:: U09HQWRtaW4g
>>
>> ..."
>>
>> What should I check to get past this "ldap_bind: Invalid credentials
>> (49)" when trying to ldappasswd of a new user?
>>
>> I am pretty sure this must be some basic thing, but I am really a
>> beginner in the LDAP field .. I have spent a few days already trying to
>> solve this and any help will be much appreciated.
>
>
> --
> Dan White
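
The separation Dan White describes above, as an added example that is not part of the original thread: the bind DN goes to `-D`, and the entry whose password changes is the trailing argument. The helper names `dn_ok` and `passwd_cmd` are hypothetical, the DNs are the thread's placeholders, and `-S` (prompt for the new password) is swapped in for the thread's `-s newpass` so the password does not appear in the process list or shell history.

```shell
#!/bin/sh
# Added example; helper names are hypothetical, DNs are the thread's placeholders.

lower() { printf '%s' "$1" | tr '[:upper:]' '[:lower:]'; }

# dn_ok DN SUFFIX: succeed only if DN ends with SUFFIX and contains it exactly
# once. Two DNs joined with a comma contain the suffix twice, which is the
# mistake that produced "ldap_bind: Invalid credentials (49)" in the thread.
dn_ok() {
    dn=$(lower "$1"); suffix=$(lower "$2"); n=0
    case "$dn" in *"$suffix") ;; *) return 1 ;; esac
    while [ "${dn#*"$suffix"}" != "$dn" ]; do
        dn=${dn#*"$suffix"}     # drop everything up to and including one match
        n=$((n + 1))
    done
    [ "$n" -eq 1 ]
}

# passwd_cmd BIND_DN TARGET_DN SUFFIX: print the ldappasswd command, or fail.
passwd_cmd() {
    dn_ok "$1" "$3" || { echo "suspect bind DN: $1" >&2; return 1; }
    dn_ok "$2" "$3" || { echo "suspect target DN: $2" >&2; return 1; }
    # -D  DN that authenticates (-W prompts for its password)
    # -S  prompt for the new password instead of passing it in argv
    # -H  URI form of the thread's "-h localhost"
    # The entry whose password is changed is the last, positional argument.
    printf 'ldappasswd -H ldap://localhost -x -W -D "%s" -S "%s"\n' "$1" "$2"
}

SUFFIX="dc=domain,dc=net"
ADMIN="cn=admin,dc=domain,dc=net"
USER_DN="uid=adminsogo,ou=accounts,dc=domain,dc=net"   # as shown by ldapsearch

# Correct form: admin binds, user DN is the target.
passwd_cmd "$ADMIN" "$USER_DN" "$SUFFIX"

# The joined DN from the original command is rejected before any bind attempt.
passwd_cmd "cn=admin,dc=domain,dc=net,uid=sogadmin,ou=accounts,dc=domain,dc=net" \
    "$USER_DN" "$SUFFIX" || echo "rejected: bind DN is two DNs joined together"
```
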