Hello everyone, I am very new to LDAP and have read through most of O'Reilly's LDAP book. I am having significant trouble trying to do an ldap search on a specific person in my LDAP database. Here is what I am trying to do:

$ ldapsearch -v -x -W -b "dc=domain,dc=com" -D "uid=myuser,ou=people,dc=domain,dc=com" "(objectclass=*)"
ldap_initialize( ldap://ldap.domain.com )
Enter LDAP Password:
ldap_bind: Invalid credentials

This is the LDIF that was created for the person (password masked):

dn: uid=myuser,ou=people,dc=domain,dc=com
uid: myuser
cn: myuser
objectClass: account
objectClass: posixAccount
objectClass: top
objectClass: shadowAccount
userPassword: {crypt}$1$XXXXXXXX/XXXXXXXXX/
shadowLastChange: 13003
shadowMax: 99999
shadowWarning: 7
loginShell: /bin/bash
uidNumber: 1000
gidNumber: 100
homeDirectory: /home/myuser

Here is the slapd.conf (I allowed world access for testing purposes):

## slapd.conf
include /path/to/schema/core.schema
include /path/to/schema/cosine.schema
include /path/to/schema/nis.schema
include /path/to/schema/inetorgperson.schema
loglevel any
pidfile /path/to/slapd.pid
argsfile /path/to/slapd.args
TLSCipherSuite HIGH
TLSCertificateFile /path/to/tls.cert
TLSCertificateKeyFile /path/to/tls.key
password-hash {SSHA}
database bdb
suffix "dc=domain,dc=com"
rootdn "cn=Manager,dc=domain,dc=com"
rootpw {SSHA}XXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
directory /path/to/openldap-data
mode 0600
index objectClass eq
index cn,uid eq
index uidNumber eq
#index guidNumber eq
# ACL
access to * by * read

Here is the log that gets generated:

slapd[14927]: <= entry_decode(uid=myuser,ou=people,dc=domain,dc=com)
slapd[14927]: => access_allowed: auth access to "uid=myuser,ou=people,dc=domain,dc=com" "userPassword" requested
slapd[14927]: => acl_get: [1] attr userPassword
slapd[14927]: access_allowed: no res from state (userPassword)
slapd[14927]: => acl_mask: access to entry "uid=myuser,ou=people,dc=domain,dc=com", attr "userPassword" requested
slapd[14927]: => acl_mask: to value by "", (=0)
slapd[14927]: <= check a_dn_pat: *
slapd[14927]: <= acl_mask: [1] applying read(=rscxd) (stop)
slapd[14927]: <= acl_mask: [1] mask: read(=rscxd)
slapd[14927]: => access_allowed: auth access granted by read(=rscxd)
slapd[14927]: send_ldap_result: conn=0 op=0 p=3
slapd[14927]: send_ldap_result: err=49 matched="" text=""
slapd[14927]: send_ldap_response: msgid=1 tag=97 err=49
slapd[14899]: daemon: activity on 1 descriptors
slapd[14899]: daemon: activity on: orion
slapd[14899]: 13r
slapd[14899]:
slapd[14899]: daemon: read activity on 13
slapd[14899]: connection_get(13)
slapd[14899]: connection_get(13): got connid=0
slapd[14899]: connection_read(13): checking for input on id=0
slapd[14899]: ber_get_next on fd 13 failed errno=0 (Success)
slapd[14899]: connection_read(13): input error=-2 id=0, closing.
slapd[14899]: connection_closing: readying conn=0 sd=13 for close
slapd[14899]: connection_close: deferring conn=0 sd=13
slapd[14899]: daemon: select: listen=6 active_threads=0 tvp=NULL
slapd[14899]: daemon: select: listen=7 active_threads=0 tvp=NULL
slapd[14899]: daemon: activity on 1 descriptors
slapd[14899]: daemon: select: listen=6 active_threads=0 tvp=NULL
slapd[14899]: daemon: select: listen=7 active_threads=0 tvp=NULL
slapd[14927]: conn=0 op=0 RESULT tag=97 err=49 text=
slapd[14927]: connection_resched: attempting closing conn=0 sd=13
slapd[14927]: connection_close: conn=0 sd=13
slapd[14927]: daemon: removing 13
slapd[14927]: conn=0 fd=13 closed

Thanks for your help, it is much appreciated.

Sincerely,
~~K
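
Added example (not part of the original post, and not OpenLDAP's own tooling): a small Python triage script that reads slapd debug output like the log above and separates binds refused by an ACL from binds where the ACL granted auth access to userPassword and slapd still answered err=49 (invalidCredentials). The function names are hypothetical, the sample lines are copied from the post, and the "denied" line shape is an assumption modelled on the "granted" line shown there.

```python
import re

# Lines copied from the slapd log in the post above (bind phase only).
SAMPLE_LOG = '''\
slapd[14927]: => access_allowed: auth access to "uid=myuser,ou=people,dc=domain,dc=com" "userPassword" requested
slapd[14927]: => access_allowed: auth access granted by read(=rscxd)
slapd[14927]: send_ldap_result: err=49 matched="" text=""
slapd[14927]: conn=0 op=0 RESULT tag=97 err=49 text=
'''

LINE = re.compile(r"slapd\[(\d+)\]:\s*(.*)")
ACL_REQ = re.compile(r'access_allowed: auth access to "([^"]+)" "userPassword" requested')
# Assumption: a refusal uses the same line shape as the "granted" line in the post.
ACL_RES = re.compile(r"access_allowed: auth access (granted|denied) by")
BIND_RES = re.compile(r"conn=(\d+) op=(\d+) RESULT tag=97 err=(\d+)")  # tag 97 = BindResponse


def verdict(err, acl):
    """Classify one bind result given the last ACL decision seen before it."""
    if err == 0:
        return "bind-ok"
    if err != 49:  # 49 = invalidCredentials
        return "other-error"
    if acl == "granted":
        return "acl-granted-credentials-rejected"  # ACL is not what blocked the bind
    if acl == "denied":
        return "acl-denied-auth"
    return "no-acl-decision-logged"


def triage_binds(log_text):
    """Pair each BindResponse with the last auth ACL decision from the same slapd[id]."""
    state, findings = {}, []
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue
        ident, msg = m.groups()
        st = state.setdefault(ident, {"dn": None, "acl": None})
        if (req := ACL_REQ.search(msg)):
            st.update(dn=req.group(1), acl=None)
        elif (res := ACL_RES.search(msg)):
            st["acl"] = res.group(1)
        elif (bind := BIND_RES.search(msg)):
            err = int(bind.group(3))
            findings.append({"conn": int(bind.group(1)), "dn": st["dn"], "acl": st["acl"],
                             "err": err, "verdict": verdict(err, st["acl"])})
            state.pop(ident)
    return findings
```

Calling triage_binds() on the full log from the post gives one finding for conn=0, with the ACL decision "granted" and the verdict "acl-granted-credentials-rejected".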
