Thanks Aaron, Buchan, and Erich,
using clear text passwd. the replication to the slaves work now.
I will look at using SASL, so that I can have an encyrpted passwd for it.
Just curious, anyway I can use encrypted passwd for the proxyuser also? This
passwd is currently in /etc/ldap.secret with perm 0600 in clear text. I've
read that this has to be on every system (ldap server or client).
Thanks,
Steven
----- Original Message ----
From: Aaron Richton <[EMAIL PROTECTED]>
To: Steven Wong <[EMAIL PROTECTED]>
Cc: openLDAP software <[email protected]>
Sent: Saturday, July 15, 2006 9:59:15 AM
Subject: Re: slurpd -d9 --- Invalid credentials
Given
> replica host=<server3>:389
> credentials={MD5}$1$ghofW1$RazQvsgWa/7dtiphrRRPe0
you'll get
> Error: ldap_simple_bind_s for <server3>:389 failed: Invalid credentials
because the argument to "credentials=" must be (to use the term of
slapd.conf(5)) a "simple password," unhashed. That is, do not put
"{MD5}blah," but rather put "secret" itself (which hashes to {MD5}*).
If this bothers you, switch to a SASL mechanism. You have the same issue
with <server2>, by the way.
