
When I run the next command it's all KO:

ldapsearch -x -b "dc=icm,dc=movismart,dc=com" -D "cn=Manager,dc=icm,dc=movismart,dc=com" -W

But when I run this, there's a problem, "Invalid Credentials (49)":

ldapsearch -x -b "dc=icm,dc=movismart,dc=com" -D "uid=sysadmin,dc=icm,dc=movismart,dc=com" -W

My slapd.conf:

loglevel 1

include     /etc/openldap/schema/core.schema
include     /etc/openldap/schema/cosine.schema
include     /etc/openldap/schema/inetorgperson.schema
include     /etc/openldap/schema/nis.schema
include     /etc/openldap/schema/openldap.schema
include     /etc/openldap/schema/dyngroup.schema

allow bind_v2

pidfile     /var/run/openldap/slapd.pid
argsfile    /var/run/openldap/slapd.args

access to attrs=userPassword
    by dn="cn=Manager,dc=icm,dc=movismart,dc=com" write
    by self write
    by anonymous auth
    by * none
access to dn.base="" by * read
access to *
    by dn="cn=Manager,dc=icm,dc=movismart,dc=com" write
    by * read

database    bdb
suffix      "dc=icm,dc=movismart,dc=com"
rootdn      "cn=Manager,dc=icm,dc=movismart,dc=com"
rootpw {SSHA}9xDlp+gBzA2E4EHXb4KXVkylAll7WmZd
directory   /var/lib/ldap

index objectClass                       eq,pres
index ou,cn,mail,surname,givenname      eq,pres,sub
index uidNumber,gidNumber,loginShell    eq,pres
index uid,memberUid                     eq,pres,sub
index nisMapName,nisMapEntry            eq,pres,sub

My structure ldif:

dn: dc=icm,dc=movismart,dc=com
objectClass: domain
objectClass: top
dc: icm

dn: ou=People,dc=icm,dc=movismart,dc=com
objectclass: top
objectclass: organizationalUnit
ou: People
description: Container for user entries

My sysadmin user ldif:

dn: uid=sysadmin,ou=People,dc=icm,dc=movismart,dc=com
objectclass: top
objectclass: uidObject
objectclass: person
uid: sysadmin
cn: System Administrator
sn: sysadmin
userPassword: sysadmin

I tried plain text, crypt, MD5 and SSHA userPassword values, and nothing.

Thanks a lot!!

user3021072
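A pre-bind check for the "Invalid Credentials (49)" case above, as an added example that is not part of the original question or answer: it looks up the bind DN from the second command in the posted LDIF and, if an entry exists there, verifies the password against a cleartext, {MD5} or {SSHA} userPassword value. The function names, the simplified DN normalisation and the embedded sample (abridged from the question) are assumptions of this example.

```python
import base64, hashlib, hmac

# Constructed sample: abridged from the question's LDIF and second ldapsearch.
LDIF = """\
dn: ou=People,dc=icm,dc=movismart,dc=com
ou: People

dn: uid=sysadmin,ou=People,dc=icm,dc=movismart,dc=com
uid: sysadmin
userPassword: sysadmin
"""
BIND_DN = "uid=sysadmin,dc=icm,dc=movismart,dc=com"

def norm_dn(dn):
    # Simplified normalisation (assumption): no escaped commas in RDN values.
    return ",".join("=".join(p.strip().lower() for p in rdn.split("=", 1))
                    for rdn in dn.split(","))

def parse_ldif(text):
    # Map normalised DN -> {attribute: value}; handles "attr: value" lines only.
    entries = {}
    for block in text.strip().split("\n\n"):
        attrs = dict(line.split(": ", 1) for line in block.splitlines())
        entries[norm_dn(attrs.pop("dn"))] = attrs
    return entries

def make_ssha(password, salt):
    # {SSHA} = base64(SHA1(password + salt) + salt), the layout slappasswd emits.
    digest = hashlib.sha1(password.encode() + salt).digest()
    return "{SSHA}" + base64.b64encode(digest + salt).decode()

def verify(password, stored):
    pw = password.encode()
    if stored.startswith("{SSHA}"):
        raw = base64.b64decode(stored[6:])  # 20-byte SHA-1 digest, then salt
        return hmac.compare_digest(hashlib.sha1(pw + raw[20:]).digest(), raw[:20])
    if stored.startswith("{MD5}"):
        return hmac.compare_digest(hashlib.md5(pw).digest(), base64.b64decode(stored[5:]))
    return hmac.compare_digest(pw, stored.encode())  # cleartext value

def diagnose(bind_dn, password, entries):
    entry = entries.get(norm_dn(bind_dn))
    if entry is None:
        rdn = norm_dn(bind_dn).split(",")[0]
        near = [dn for dn in entries if dn.split(",")[0] == rdn]
        return "no such entry; same RDN found at: " + ", ".join(near)
    if not verify(password, entry.get("userPassword", "")):
        return "entry exists, password mismatch"
    return "ok"

print(diagnose(BIND_DN, "sysadmin", parse_ldif(LDIF)))
```

On the question's data this reports that no entry exists at the bind DN and that the same RDN is present under ou=People.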

1 Answer


Try doing this:

slappasswd -h {MD5}

Enter the requested password accordingly. Take the output/result and place it into the file:

nano config.ldif

This file should look like:

dn: cn=config
changetype: modify

dn: olcDatabase={0}config,cn=config
changetype: modify
add: olcRootDN
olcRootDN: cn=admin,cn=config

dn: olcDatabase={0}config,cn=config
changetype: modify
add: olcRootPW
olcRootPW: {MD5}inform password

dn: olcDatabase={0}config,cn=config
changetype: modify
delete: olcAccess

Then run:

ldapadd -Y EXTERNAL -H ldapi:/// -f config.ldif

Then, to manipulate OpenLDAP, use the command:

ldapadd -x -H ldapi:// -D cn=admin,cn=config -W -f file

Now it should work.

Avanz
  • This is the response when I run the command: [root@coresvr ldif]# ldapadd -Y EXTERNAL -H ldapi:/// -f config.ldif ldap_sasl_interactive_bind_s: Can't contact LDAP server (-1). Thanks for your help, Avanz! – user3021072 Nov 22 '13 at 10:48
  • Try this short tutorial. Check that you haven't missed any step along the way. http://www.howtoforge.com/install-and-configure-openldap-on-ubuntu-karmic-koala – Avanz Nov 22 '13 at 10:54
  • I've used this tutorial: http://www.howtoforge.com/install-and-configure-openldap-on-centos-5. I've changed the structure of the users to be like my LDIF user. I've read it can be a problem with a different version of Berkeley DB. – user3021072 Nov 22 '13 at 12:14
  • Try to check version compatibility. (By the way, rate the comments if you find them useful/helpful.) – Avanz Nov 23 '13 at 08:24