LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 10-08-2008, 04:35 AM   #1
minakshi
LQ Newbie
 
Registered: Oct 2008
Location: gujarat
Distribution: RHEL5
Posts: 13

Rep: Reputation: 0
Unhappy ldap bind: invalid credential (49)


hello everyone

I am new member, I am working on RHEL5 and configured open ldap 2.3
everything is configured and working properly, but I am facing an
error while adding ldap user.
error is ldap bind: invalid credential (49)
I had configured normal ldap without TLS

here is my slapd.conf file..

include /etc/openldap/schema/core.schema
include /etc/openldap/schema/cosine.schema
include /etc/openldap/schema/inetorgperson.schema
include /etc/openldap/schema/nis.schema

allow bind_v2

pidfile /var/run/openldap/slapd.pid
argsfile /var/run/openldap/slapd.args

database bdb
suffix "dc=example,dc=com"
rootdn "cn=Manager,dc=example,dc=com"
rootpw {SSHA}KanXW0bqz13BeIlbGLKuOdlAvcrVvxAh

directory /var/lib/ldap/example.com

# Indices to maintain for this database
index objectClass eq,pres
index ou,cn,mail,surname,givenname eq,pres,sub
index uidNumber,gidNumber,loginShell eq,pres
index uid,memberUid eq,pres,sub
index nisMapName,nisMapEntry eq,pres,sub

I am using one script to add user..
that script is

#!/bin/bash
grep $1 /etc/passwd > /tmp/changeldappasswd.tmp
/usr/share/openldap/migration/migrate_passwd.pl /tmp/changeldappasswd.tmp /tmp/changeldappasswd.ldif.tmp
cat /tmp/changeldappasswd.ldif.tmp | sed s/padl/example/ > /tmp/changeldappasswd.ldif
ldapadd -x -D "cn=Manager,ou=People,dc=example,dc=com" -W -f /tmp/changeldappasswd.ldif
#rm -f /tmp/changeldappasswd


here is my ldif file
dn: uid=ldap4,ou=People,dc=example,dc=com
uid: ldap4
cn: ldap4
objectClass: account
objectClass: posixAccount
objectClass: top
objectClass: shadowAccount
userPassword: {crypt}!!
shadowLastChange: 14159
shadowMax: 99999
shadowWarning: 7
loginShell: /bin/bash
uidNumber: 505
gidNumber: 100
homeDirectory: /home/ldap4

Note:I had tried various solution,from google search and some forums
but failed
I think problem is in this statement
ldapadd -x -D "cn=Manager,dc=example,dc=com" -W -f /tmp/changeldappasswd.ldif
when this command is executed, it asks for password and after entering
password..I am facing error

So please if any one can help... thanks
 
Old 10-08-2008, 05:00 AM   #2
bathory
LQ Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 11,764

Rep: Reputation: 1587Reputation: 1587Reputation: 1587Reputation: 1587Reputation: 1587Reputation: 1587Reputation: 1587Reputation: 1587Reputation: 1587Reputation: 1587Reputation: 1587
Quote:
rootdn "cn=Manager,dc=example,dc=com"
rootpw {SSHA}KanXW0bqz13BeIlbGLKuOdlAvcrVvxAh
How did you create rootpw?
You can use:
Code:
slappasswd -s <password>
to create a hashed password to use in slapd.conf.

Last edited by bathory; 10-08-2008 at 07:25 AM.
 
Old 10-08-2008, 06:55 AM   #3
minakshi
LQ Newbie
 
Registered: Oct 2008
Location: gujarat
Distribution: RHEL5
Posts: 13

Original Poster
Rep: Reputation: 0
ya, exactly I had created hashed passwd using slappasswd
 
Old 10-08-2008, 08:42 AM   #4
bathory
LQ Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 11,764

Rep: Reputation: 1587Reputation: 1587Reputation: 1587Reputation: 1587Reputation: 1587Reputation: 1587Reputation: 1587Reputation: 1587Reputation: 1587Reputation: 1587Reputation: 1587
Are you sure you copied correctly the output of slappaswd to the rootpw entry?
You can use plaintext, just for testing to see if ldappadd works:
Code:
rootpw secret
 
Old 10-10-2008, 12:21 AM   #5
minakshi
LQ Newbie
 
Registered: Oct 2008
Location: gujarat
Distribution: RHEL5
Posts: 13

Original Poster
Rep: Reputation: 0
I had tried simple text also, tried hashed password also (two to three time) but
everything failed, I had configured everything again and again, but no result.

For configuration, I had followed steps given on this link..
http://www.linuxhomenetworking.com/w...DAP_and_RADIUS

Is there any other problem, with steps or any mistake in any dc statement
 
Old 10-10-2008, 02:12 AM   #6
bathory
LQ Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 11,764

Rep: Reputation: 1587Reputation: 1587Reputation: 1587Reputation: 1587Reputation: 1587Reputation: 1587Reputation: 1587Reputation: 1587Reputation: 1587Reputation: 1587Reputation: 1587
Quote:
Is there any other problem, with steps or any mistake in any dc statement
Unless there is a typo that we both cannot see, I don't find anything wrong. All I can think of right now is that you make sure that all lines in slapd.conf are aligned left, since slapd does not like white spaces. Use vi to see if there are no strange characters in slapd.conf

Last edited by bathory; 10-10-2008 at 02:13 AM.
 
Old 10-10-2008, 04:22 AM   #7
minakshi
LQ Newbie
 
Registered: Oct 2008
Location: gujarat
Distribution: RHEL5
Posts: 13

Original Poster
Rep: Reputation: 0
thanks a lot, I got success in adding ldap user

you are right, I removed all blank spaces, and blank lines.
and it is working...
Thanks....
 
Old 08-18-2010, 11:39 PM   #8
joel_saul
LQ Newbie
 
Registered: Aug 2010
Posts: 4

Rep: Reputation: 0
Quote:
Originally Posted by minakshi View Post
thanks a lot, I got success in adding ldap user

you are right, I removed all blank spaces, and blank lines.
and it is working...
Thanks....
Hi Sir, may i clarify on the way you removed blank spaces from slapd.conf, i tried to remove spaces but i still get the same error as yours. i'm also following the same steps as you did from LHN.

thanks
 
Old 01-18-2013, 01:29 PM   #9
ppostma1
LQ Newbie
 
Registered: Dec 2006
Location: Michigan USA
Distribution: slackware, ubuntu, Debian, knoppix, Fedora, CentOS
Posts: 14

Rep: Reputation: 0
one more possibility often overlooked

Make sure the section

`ldapadd -x -D "cn=Manager,ou=People,dc=example,dc=com"`

is properly entered or the ldap server will not be able to find the users credentials to match.
 
Old 01-18-2013, 02:48 PM   #10
ppostma1
LQ Newbie
 
Registered: Dec 2006
Location: Michigan USA
Distribution: slackware, ubuntu, Debian, knoppix, Fedora, CentOS
Posts: 14

Rep: Reputation: 0
explanation:

Quote:
Originally Posted by joel_saul View Post
Hi Sir, may i clarify on the way you removed blank spaces from slapd.conf, i tried to remove spaces but i still get the same error as yours. i'm also following the same steps as you did from LHN.

thanks
using '.' to indicate line start/end, the following lines:

.dn: cn:tammy,dc=exapmle,dc=com .
.objectClass: top.
.cn: Tammy.
. userPassword: {ssh}xxxxxxxxxx.

invalidates the dn and userPassword lines. the final dc is interpreted as "com " and the entry for password is seen as " userPassword", both of which are not found.

each entry line must be "trim()"
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
ldap invalid credentials finsh Linux - Server 4 12-12-2007 12:11 PM
LDAP , SASL and Invalid REALM mesh2005 Linux - Networking 0 12-14-2005 07:29 AM
LDAP Problem Invalid DN syntax (34) steve007 Linux - Newbie 3 10-18-2005 05:03 AM
ldap invalid credentials johond Linux - Networking 1 12-14-2004 04:31 AM
ldap: invalid credentials johond Debian 0 12-14-2004 04:00 AM


All times are GMT -5. The time now is 07:56 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration