Scheduled Maintenance: We are aware of an issue with Google, AOL, and Yahoo services as email providers which are blocking new registrations. We are trying to fix the issue and we have several internal and external support tickets in process to resolve the issue. Please see: viewtopic.php?t=158230

 

 

 

openLDAP: error code 49 - Invalid Credentials

Linux Kernel, Network, and Services configuration.
Post Reply
Message
Author
cytisine
Posts: 24
Joined: 2014-07-28 07:23

openLDAP: error code 49 - Invalid Credentials

#1 Post by cytisine »

Hello All,

I'm newbie to LDAP, and for a couple of days I'm trying to do some ACLs but haven't managed to make it work.
My Config is as follows:

ldapsearch -Y EXTERNAL -H ldapi:/// -b cn=config 'olcDatabase={1}mdb'

Code: Select all

# {1}mdb, config
dn: olcDatabase={1}mdb,cn=config
objectClass: olcDatabaseConfig
objectClass: olcMdbConfig
olcDatabase: {1}mdb
olcDbDirectory: /var/lib/ldap
olcSuffix: dc=example
olcLastMod: TRUE
olcRootDN: cn=admin,dc=example
olcRootPW: {SSHA}**************************************
olcDbCheckpoint: 512 30
olcDbIndex: objectClass eq
olcDbIndex: cn,uid eq
olcDbIndex: uidNumber,gidNumber eq
olcDbIndex: member,memberUid eq
olcDbMaxSize: 1073741824
olcAccess: {0}to * by * read
slapacl -D '' -b 'cn=test,dc=example'

Code: Select all

authcDN: ""
entry: =0
children: =0
cn=test: =0
objectClass=organizationalRole: =0
objectClass=top: =0
objectClass=simpleSecurityObject: =0
structuralObjectClass=organizationalRole: =0
entryUUID=3a3096d6-5ea6-1037-9950-e1caa13e5b27: =0
creatorsName=cn=admin,dc=example: =0
createTimestamp=20171115231242Z: =0
userPassword=****: =0
entryCSN=20171115231301.164740Z#000000#000#000000: =0
modifiersName=cn=admin,dc=example: =0
modifyTimestamp=20171115231301Z: =0
I've successfully bind as admin, but when I try to bind with non-admin user Apache Directory Studio returns: LDAP: error code 49 - Invalid Credentials.

So the question in short is there something that I've missed with the creation "test" record so it can't bind to LDAP or is there an ACL that has to be done?

Thanks in advance.

Post Reply