* Marc Tardif <[EMAIL PROTECTED]> [2006-07-20 10:53 -0400]: > I have installed OpenLDAP 2.2.26 from package on Ubuntu 6.06 LTS. The > postinst script prompts for a password to create an admin user. However, > when I try to run the ldapsearch command as the admin with that password, I > get the following error message: > > $ ldapsearch -x -w password -D "cn=admin,dc=nodomain" '(objectclass=*)' > ldap_bind: Invalid credentials (49) [snip] > So, any ideas what I might be doing wrong?
I have managed to address the authentication problem encountered by ldapsearch. It seems that the encryption used for the password wasn't being recognized by the authentication mechanism. So, I changed the password for cleartext with the following commands: $ /etc/init.d/slapd stop $ slapcat -f /etc/ldap/slapd.conf > /tmp/ldap.ldif $ perl -p -e 's/::.*/: password/' /tmp/ldap.ldif $ slapadd -f /etc/ldap/slapd.conf -l /tmp/ldap.ldif $ /etc/init.d/slapd start Then the ldapsearch command output the content of the LDAP database: $ ldapsearch -x -w password -D "cn=admin,dc=nodomain" '(objectclass=*)' ... So, here is the value for the userPassword attribute before ldapsearch worked: userPassword:: e2NyeXB0fUY2ZGdUZmF0SlUubTY= And after ldapsearch started working: userPassword:: d2FydGhvZ3M= Both are meant to be for the same password, so what might be the problem? Can I change the decryption algorithm from the ldapsearch options? -- Marc Tardif <[EMAIL PROTECTED]> Freenode: cr3, Jabber: [EMAIL PROTECTED] 1024D/72679CAD 09A9 D871 F7C4 A18F AC08 674D 2B73 740C 7267 9CAD
