Theunis De Klerk wrote:
Wait - you mean ldapsearch -D "uid=username,ou=people,dc=yoursuffix,dc=com" -w thepassword works? So the user is able to successfully authenticate using the password after upgrade using ldapsearch? Just not with some other tool?32-bit or 64-bit?64-bit.I'm not sure what you mean by "using profiles in ldap".A person is technically just an entry with attributes.Does ldapsearch work? Can you try /usr/bin/ldapsearch -x -D "uid=username,ou=people,dc=yoursuffix,dc=com" -w thepassword -s base -b "" ?Yes that works fine.
* ldapsearch works * OS login fails * Apache mod_ldap fails * other apps? I'm trying to figure out what the common thread is here.For the apps that fail - can you take a look at the directory server access log in /var/log/dirsrv/slapd-instance/access and see what the sequence of operations is? I just want to see if those apps are attempting to retrieve the userPassword attribute and doing the password comparison themselves, or using the LDAP Compare operation, rather than just doing an LDAP BIND operation with the clear text password (which is what ldapsearch -x -D "dn" -w cleartextpw does
That's what I don't get. All the data is there! I can even search for a user and all their information is there. Even the password. -- 389 users mailing list 389-users@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-directory-users
<<attachment: smime.p7s>>
-- 389 users mailing list 389-users@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-directory-users
