Old 11-14-2017, 12:50 AM   #1
Volcano
Member
 
Registered: Sep 2005
Posts: 221

Rep: Reputation: 15
Invalid credentials error


I have installed OpenLDAP 2.4.31

$ sudo slapcat -n0

I get the following printed in the console

......................................
olcRootDN: cn=admin,dc=nodomain
.............................
.........................

olcRootPW:: e1NTSEF9akhVUWl3U2psMys3MTFjZVFoK3hFWEpVdy93dzVTa3c=
............................................


Now when I try to add an LDIF file with the command below, I get an error

ldapadd -D "cn=Manager,dc=example,dc=com" -w password@123 -f /home/tintin/ldif


I get this error:

ldap_bind: Invalid credentials (49)


What is the issue? How to fix this?

Last edited by Volcano; 11-14-2017 at 01:20 AM.
 
Old 11-14-2017, 02:52 AM   #2
bathory
LQ Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 12,545

Rep: Reputation: 1790
Hi,
Quote:
I get the following print in console

olcRootDN: cn=admin,dc=nodomain
From your post it looks like the admin DN is: cn=admin,dc=nodomain. So you have to use:
Code:
ldapadd -D "cn=admin,dc=nodomain" -w password@123 -f /home/tintin/ldif
If you still get the same error, then you are giving the wrong password. In this case, use your favorite search engine to find out how to reset the OpenLDAP admin password for your distro.


Regards

Last edited by bathory; 11-14-2017 at 03:10 AM. Reason: typo
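The two causes of error 49 named in the reply above (a bind DN that is not the olcRootDN, or a wrong password) can be checked offline against the `slapcat -n0` output. This is an added example, not code from the thread; it assumes a rootdn bind and a `{SSHA}` value, and the sample hash and password are constructed.

```python
import base64
import hashlib
import hmac

def parse_root(slapcat_text):
    """Return (olcRootDN, olcRootPW) from `slapcat -n0` output; last match wins."""
    dn = pw = None
    for line in slapcat_text.splitlines():
        if line.startswith("olcRootDN:"):
            dn = line.split(":", 1)[1].strip()
        elif line.startswith("olcRootPW::"):   # '::' means the value is base64
            pw = base64.b64decode(line.split("::", 1)[1].strip()).decode()
        elif line.startswith("olcRootPW:"):
            pw = line.split(":", 1)[1].strip()
    return dn, pw

def ssha_matches(stored, password):
    """{SSHA} value = base64(sha1(password + salt) + salt), 20-byte digest."""
    if not stored.startswith("{SSHA}"):
        raise ValueError("this sketch only handles {SSHA}")
    raw = base64.b64decode(stored[6:])
    digest, salt = raw[:20], raw[20:]
    mine = hashlib.sha1(password.encode() + salt).digest()
    return hmac.compare_digest(mine, digest)

def same_dn(a, b):
    # Simplified DN comparison: case-insensitive, spaces after commas ignored.
    norm = lambda dn: [p.strip().lower() for p in dn.split(",")]
    return norm(a) == norm(b)

def diagnose_bind(slapcat_text, bind_dn, password):
    """Explain why a simple bind as the rootdn would return error 49."""
    root_dn, root_pw = parse_root(slapcat_text)
    if not same_dn(bind_dn, root_dn):
        return "bind DN is not olcRootDN (" + root_dn + ")"
    if not ssha_matches(root_pw, password):
        return "password does not match olcRootPW"
    return "ok"

def make_ssha(password, salt):
    blob = hashlib.sha1(password.encode() + salt).digest() + salt
    return "{SSHA}" + base64.b64encode(blob).decode()

# Constructed sample: same rootdn as the thread, hash of a made-up password.
SAMPLE = ("olcRootDN: cn=admin,dc=nodomain\n"
          "olcRootPW:: " + base64.b64encode(
              make_ssha("constructed-pw", b"salt").encode()).decode() + "\n")

if __name__ == "__main__":
    print(diagnose_bind(SAMPLE, "cn=Manager,dc=example,dc=com", "constructed-pw"))
    print(diagnose_bind(SAMPLE, "cn=admin,dc=nodomain", "constructed-pw"))
```

When running the real bind, `ldapadd -W` prompts for the password instead of taking it with `-w`, which keeps it out of shell history and the process list.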
 
Old 11-14-2017, 03:41 AM   #3
Volcano
Member
 
Registered: Sep 2005
Posts: 221

Original Poster
Rep: Reputation: 15
Quote:
Originally Posted by bathory
Hi,

From your post looks like the admin DN is: cn=admin,dc=nodomain. So you have to use:
Code:
ldapadd -D "cn=admin,dc=nodomain" -w password@123 -f /home/tintin/ldif
If you still get the same error, then you give the wrong password. In this case use your favorite search engine to find out how to reset the openldap admin password for your distro


Regards
Okay... now I run your command... I get this

$ sudo ldapadd -D "cn=admin,dc=nodomain" -w password@123 -f /home/tintin/ldif

adding new entry "dc=example,dc=com"
ldap_add: Server is unwilling to perform (53)
additional info: no global superior knowledge



ldif
-----------

dn: dc=example,dc=com
dc: example
description: My wonderful company
objectClass: dcObject
objectClass: organization
o: Example, Inc.



dn: ou=people, dc=example,dc=com
ou: people
description: All people in organisation
objectclass: organizationalunit



dn: cn=Robert Smith,ou=people,dc=example,dc=com
objectclass: inetOrgPerson
cn: Robert Smith
cn: Robert J Smith
cn: bob smith
sn: smith
uid: rjsmith
userpassword: rJsmitH
carlicense: HISCAR 123
homephone: 555-111-2222
mail: r.smith@example.com
mail: rsmith@example.com
mail: bob.smith@example.com
description: swell guy
ou: Human Resources

What is the issue here? Is there any fix to this?

Last edited by Volcano; 11-14-2017 at 04:18 AM.
 
Old 11-14-2017, 05:08 AM   #4
bathory
LQ Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 12,545

Rep: Reputation: 1790
Quote:
$ sudo ldapadd -D "cn=admin,dc=nodomain" -w password@123 -f /home/tintin/ldif

adding new entry "dc=example,dc=com"
ldap_add: Server is unwilling to perform (53)
additional info: no global superior knowledge
Without more info, I can only guess that you're trying to add the DIT "dc=example,dc=com" in your ldap, while it's not aware of that.
Your DIT is most likely "dc=nodomain", so replace any occurrences of "dc=example,dc=com" with "dc=nodomain" in the ldif you want to add in ldap.
You also need to remove the initial "dn: dc=nodomain", as it should already have been added during the installation/reconfiguration of ldap.
 
Old 11-15-2017, 03:57 AM   #5
Volcano
Member
 
Registered: Sep 2005
Posts: 221

Original Poster
Rep: Reputation: 15
Quote:
Originally Posted by bathory
Without more info, I can only guess that you're trying to add the DIT "dc=example,dc=com" in your ldap, while it's not aware of that.
Your DIT is most likely "dc=nodomain", so replace any occurrences of "dc=example,dc=com" with "dc=nodomain" in the ldif you want to add in ldap.
You need also remove the initial "dn: dc=nodomain", as it should be already added during the installation/reconfiguration of ldap
Okay. I have made the changes... please find the directory structure attached.


But it does not show the home phone number and other details when I do a base search

$ ldapsearch -x -b "uid=skdas,cn=S K Das,ou=people,dc=nodomain"

# extended LDIF
#
# LDAPv3
# base <uid=skdas,cn=S K Das,ou=people,dc=nodomain> with scope subtree
# filter: (objectclass=*)
# requesting: ALL
#

# search result
search: 2
result: 32 No such object
matchedDN: cn=S K Das,ou=people,dc=nodomain

# numResponses: 1
Attached image: ldap-image.PNG

Last edited by Volcano; 11-15-2017 at 03:58 AM.
 
Old 11-15-2017, 06:10 AM   #6
bathory
LQ Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 12,545

Rep: Reputation: 1790
Quote:
...but it does not show the home phone number and other details when I do a base search
Of course it doesn't, as you're looking for a non-existent entry:
Quote:
$ldapsearch -x -b "uid=skdas,cn=S K Das,ou=people,dc=nodomain"
<snip>
result: 32 No such object
matchedDN: cn=S K Das,ou=people,dc=nodomain

# numResponses: 1
The correct searches should be:
Code:
ldapsearch -x -b "cn=S K Das,ou=people,dc=nodomain"
and/or
ldapsearch -x -b "ou=people,dc=nodomain"  "(uid=skdas)"
I suggest you start reading this e-book, if you want to use ldap

Regards
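Both results discussed in posts #4 and #6 follow from where a DN sits relative to the tree the server holds: error 53 when an added DN is outside the database suffix, and error 32 with a matchedDN when a search base does not exist. The sketch below is an added example, not code from the thread; it assumes the suffix is `dc=nodomain` as guessed in post #4, and the directory contents are constructed.

```python
# Constructed state: suffix as assumed in post #4, base entry created at install.
SUFFIX = "dc=nodomain"
EXISTING = ["dc=nodomain"]

def rdns(dn):
    """Normalised RDN tuple (simplified: no escaped commas)."""
    return tuple(p.strip().lower() for p in dn.split(","))

def check_ldif(ldif_text, suffix=SUFFIX, existing=EXISTING):
    """Predict the ldapadd result code per 'dn:' line, as if run with -c."""
    known = {rdns(e) for e in existing}
    suf = rdns(suffix)
    results = []
    for line in ldif_text.splitlines():
        if not line.lower().startswith("dn:"):
            continue
        dn = line[3:].strip()
        parts = rdns(dn)
        if parts[-len(suf):] != suf:
            code = 53      # outside the suffix: no global superior knowledge
        elif parts in known:
            code = 68      # entry already exists
        elif parts != suf and parts[1:] not in known:
            code = 32      # parent entry is missing
        else:
            code = 0
            known.add(parts)
        results.append((dn, code))
    return results

def matched_dn(base, entries):
    """Deepest existing entry at or above `base` (the matchedDN on error 32)."""
    known = {rdns(e): e for e in entries}
    parts = rdns(base)
    for i in range(len(parts)):
        if parts[i:] in known:
            return known[parts[i:]]
    return None

# DN lines of the LDIF from the thread, then a constructed rewrite for dc=nodomain.
THREAD_LDIF = """dn: dc=example,dc=com
dn: ou=people, dc=example,dc=com
dn: cn=Robert Smith,ou=people,dc=example,dc=com
"""
FIXED_LDIF = THREAD_LDIF.replace("dc=example,dc=com", "dc=nodomain")

if __name__ == "__main__":
    for dn, code in check_ldif(THREAD_LDIF) + check_ldif(FIXED_LDIF):
        print(code, dn)
```

The 68 on the first rewritten entry is why post #4 says to drop the initial `dn: dc=nodomain` block from the file.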
 
  

