LinuxQuestions.org
Register a domain and help support LQ
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices

Reply
 
Search this Thread
Old 12-11-2007, 04:18 AM   #1
finsh
Member
 
Registered: Jan 2006
Posts: 157

Rep: Reputation: 16
ldap invalid credentials


Hi all

When contact with the ldap server This is what happens


invalid credentials and i have the image of what happened

http://linuxhave.googlepages.com/Screenshot.png


Is there a file Slabd.conf ready for example?

And this is my slapd.conf .

_______________________________

#
# See slapd.conf(5) for details on configuration options.
# This file should NOT be world readable.
#
include /etc/openldap/schema/core.schema
include /etc/openldap/schema/cosine.schema
include /etc/openldap/schema/inetorgperson.schema
include /etc/openldap/schema/rfc2307bis.schema
include /etc/openldap/schema/yast.schema
# Define global ACLs to disable default read access.

# Do not enable referrals until AFTER you have a working directory
# service AND an understanding of referrals.
#referral ldap://root.openldap.org

pidfile /var/run/slapd/slapd.pid
argsfile /var/run/slapd/slapd.args

# Load dynamic backend modules:
modulepath /usr/lib/openldap/modules
# moduleload back_ldap.la
# moduleload back_meta.la
# moduleload back_monitor.la
# moduleload back_perl.la

# Sample security restrictions
# Require integrity protection (prevent hijacking)
# Require 112-bit (3DES or better) encryption for updates
# Require 63-bit encryption for simple bind
# security ssf=1 update_ssf=112 simple_bind=64

# Sample access control policy:
# Root DSE: allow anyone to read it
# Subschema (sub)entry DSE: allow anyone to read it
# Other DSEs:
# Allow self write access to user password
# Allow anonymous users to authenticate
# Allow read access to everything else
# Directives needed to implement policy:
access to dn.base=""
by * read

access to dn.base="cn=Subschema"
by * read

access to attrs=userPassword,userPKCS12
by self write
by * auth

access to attrs=shadowLastChange
by self write
by * read

access to *
by * read

# if no access controls are present, the default policy
# allows anyone and everyone to read anything but restricts
# updates to rootdn. (e.g., "access to * by * read")
#
# rootdn can always read and write EVERYTHING!

#######################################################################
# BDB database definitions
#######################################################################

loglevel 0
database bdb
suffix "dc=soool,dc=.com"
rootdn "cn=Administrator,dc=soool,dc=.com"
rootpw "{ssha}CIh6RFVxJ985vzu+KCUq0XWYSD1XTUtMQQ=="
directory /var/lib/ldap/
checkpoint 1024 5
cachesize 10000
index objectClass,uidNumber,gidNumber eq
index member,mail eq,pres
index cn,displayname,uid,sn,givenname sub,eq,pres

* All users without exception

anonymous Not authenticated (‚€œanonymous‚€*) users

users Authenticated users

self Users connected with the target object

dn.regex=<regex> All users matching the regular expression


none No access

auth For contacting the server

compare To objects for comparison access

search For the employment of search filters

read Read access

Last edited by finsh; 12-11-2007 at 04:19 AM.
 
Old 12-11-2007, 07:06 AM   #2
bathory
Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 10,910

Rep: Reputation: 1326Reputation: 1326Reputation: 1326Reputation: 1326Reputation: 1326Reputation: 1326Reputation: 1326Reputation: 1326Reputation: 1326Reputation: 1326
Looking at the image you posted, I think that you have to check the "Append Base DN" checkbox to have the full dn of the administrator.
 
Old 12-12-2007, 05:24 AM   #3
finsh
Member
 
Registered: Jan 2006
Posts: 157

Original Poster
Rep: Reputation: 16
The same problem.

But what about user map and group i have image for it


http://linuxhave.googlepages.com/Screenshot.png
 
Old 12-12-2007, 06:54 AM   #4
bathory
Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 10,910

Rep: Reputation: 1326Reputation: 1326Reputation: 1326Reputation: 1326Reputation: 1326Reputation: 1326Reputation: 1326Reputation: 1326Reputation: 1326Reputation: 1326
The only thing I notice, is that you have a dot "." in your DN (dc=.com). Even though it's not an illegal character in DNs, it's not used. So better change your root DN to dc=example,dc=com.
Perhaps this tutorial will help you in your task.

Regards
 
Old 12-12-2007, 12:11 PM   #5
finsh
Member
 
Registered: Jan 2006
Posts: 157

Original Poster
Rep: Reputation: 16
Mr.bathory

Thanks for help
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
ldap_bind: Invalid credentials (49) pdrobe Linux - General 12 09-13-2012 02:41 AM
Apache + mod_ldap - [LDAP: ldap_simple_bind_s() failed] [Invalid credentials] GSMD Linux - Server 1 10-06-2006 10:41 AM
LDAP_BIND: Invalid Credentials rupesh_pulikool Linux - Software 0 02-01-2005 01:27 PM
ldap invalid credentials johond Linux - Networking 1 12-14-2004 04:31 AM
ldap: invalid credentials johond Debian 0 12-14-2004 04:00 AM


All times are GMT -5. The time now is 03:56 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration