Hi,
I actually followed the reference link. However, one part is not clear to me
perhaps you can clarify:
The userPassword was in hashed format, i.e. userPassword:
e1NBU0x9d2hvQGJvYXJkdmFudGFnZS5uZXQ=, when I ran ldapsearch command, not
{SASL}[email protected]. When I use Apache Directory Studio it shows me
userPassword is "SASL hashed password".
Does it make any difference?
Thanks,
Date: Wed, 19 Nov 2014 21:58:37 +0100
Subject: Re: [lsc-users] LSC Password Issue
From: [email protected]
To: [email protected]
CC: [email protected]
2014-11-19 20:44 GMT+01:00 W. Ho <[email protected]>:
Hi List,
Hi,
I am setting up LSC to sync AD to OpenLDAP. Everything looks fine except the
password does not work.
The backgrounds:
Source: Windows 2008 R2 Active Directory, 64-bit
Destination: OpenLDAP: 2.4.23, 64-bit running on CentOS 6.5, 64-bit
LSC: 2.1.1
JDK: Oracle/Sun 1.7.0_71
Password: Use AD as the main password store, configure the OpenLDAP directory
server to redirect authentications there, via SASL and LDAP binds per
instructions
The CentOS is configured to allow SSH login only. After sync OpenLDAP with AD,
I got all users' information with userPassword of SASL format. I can login to
CentOS system with SSH key but not with password. Running sudo also failed
because the password is not recognized. When I run "su -" command the system
asks me twice, see below, for root password before I can su to root.
I have provided the following information for your reference. Could someone
please take a look and let me know what I have done incorrectly?
Seems the LSC part is good if you have the SASL password in OpenLDAP.
You can check this doc to see if your SASL configuration is ok:
http://ltb-project.org/wiki/documentation/general/sasl_delegation
But as your problem seems not related to LSC, you should try to get help on
OpenLDAP mailing list for example.
Clément.
_______________________________________________________________
Ldap Synchronization Connector (LSC) - http://lsc-project.org
lsc-users mailing list
[email protected]
http://lists.lsc-project.org/listinfo/lsc-users
