Re: openldap nightmare

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Mon, Nov 05, 2007 at 02:25:55PM -0700, Craig White wrote:
> On Mon, 2007-11-05 at 21:19 +0000, Timothy Murphy wrote:
> > I've spent today trying to get openldap running under Fedora 7.
> > The documentation is unbelievably bad -
> > even worse than sendmail, the previous winner.
> > It is almost as incomprehensible as my VHS manual in Japanese.

It's like most man pages, bad for starting out, great for reference.

> > Anyway, I've got to the stage where I'm trying to install
> > an address book with ldapadd with
> > [root@alfred tim]#
> > ldapadd -x -D 'cn=Manager,dc=alfred,dc=gayleard,dc=com' -W -f /etc/openldap/addressbook.ldif
> > Enter LDAP Password:
> > and I get the error
> > ldap_bind: Invalid credentials (49)

You are trying to bind as "cn=Manager,dc=alfred,dc=gayleard,dc=com" and
it did not like the password you gave.

> > which I find slightly baffling since ldapsearch seems to work ok:
> > 
> > [root@alfred tim]# ldapsearch -x -b '' -s base '(objectclass=*)' namingContexts

That is an anonymous bind. OK for reading.

> > So what sort of credentials do they want?
> ----
> whatever the password that is set for the bind address (-D
> 'cn=Manager,dc=alfred,dc=galeard,dc=com)

And that password is usually set in the /etc/openldap/slapd.conf
configuration file. You should see the lines:

rootdn          "cn=Manager,dc=alfred,dc=gayleard,dc=com"
rootpw          secret

If you don't want a plaintext password in the config file, you can
generate a password hash with the slappasswd command:

# slappasswd 
New password: 
Re-enter new password: 
{SSHA}94+CSjT15Xt0sCu3EoTpQf8c9ZKkS6px

Then cut that output and replace it in the rootpw line of
/etc/openldap/slapd.conf

rootpw {SSHA}94+CSjT15Xt0sCu3EoTpQf8c9ZKkS6px

> Recommendation...
> 
> LDAP System Administration by Gerald Carter
> 
> simplifies everything

+1

Great book.

-- 
Norman Gaywood, Systems Administrator
University of New England, Armidale, NSW 2351, Australia

ngaywood@xxxxxxxxxx            Phone: +61 (0)2 6773 3337
http://mcs.une.edu.au/~norm    Fax:   +61 (0)2 6773 3312

Please avoid sending me Word or PowerPoint attachments.
See http://www.gnu.org/philosophy/no-word-attachments.html

-- 
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora Magazine]     [Fedora News]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [SSH]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux