Try this, ldapsearch -h <servername> -p <PortNumber> -x -D cn=Manager,dc=nits,dc=ac,dc=in -W -b dc=nits,dc=ac,dc=in '(uid=jmaan*)'
-----Original Message----- From: [EMAIL PROTECTED] g [mailto:[EMAIL PROTECTED] nLDAP.org] On Behalf Of Jyotishmaan Ray Sent: Thursday, 20 December 2007 3:31 AM To: [email protected] Subject: ldapsearch in openldap problem Plz see below the output of ldapsearch using -x and -D options:- Please find enclosed the slapd.conf and /etc/ldap.conf files herewith in text format. Please let me know why i am getting these errors. Had been trying since a few months for successful authentication. studied gssapi,sasl, etc types of authentication mechanisms. It seems no ways other than this list for deep insights into ldapsearch and then sucessful authentication!! 1) [EMAIL PROTECTED] openldap]# ldapsearch -D 'dc=nits,dc=ac,dc=in' '(uid=jmaan*)' SASL/DIGEST-MD5 authentication started Please enter your password: ldap_sasl_interactive_bind_s: Invalid credentials (49) additional info: SASL(-13): user not found: no secret in database [EMAIL PROTECTED] openldap]# 2) When ldapsearch is used with -x -b the output is shown as below:- [EMAIL PROTECTED] openldap]# ldapsearch -x -b 'dc=nits,dc=ac,dc=in' '(uid=jmaan*)' # extended LDIF # # LDAPv3 # base <dc=nits,dc=ac,dc=in> with scope subtree # filter: (uid=jmaan*) # requesting: ALL # # jmaan, non-teach, compcen, <http://nits.ac.in/> nits.ac.in dn: uid=jmaan,stornt=non-teach,bn=compcen,dc=nits,dc=ac,dc=in uid: jmaan cn: jmaan objectClass: account objectClass: posixAccount loginShell: /bin/bash uidNumber: 623 gidNumber: 623 homeDirectory: /home/jmaan # search result search: 2 result: 0 Success # numResponses: 2 # numEntries: 1 In the below output, i have tried using the "Manager"'s password as well as "uid"'s password to lon on to the server, but in both the cases, the authentication could not be successful:- [EMAIL PROTECTED] ~]# ldapsearch -b 'dc=nits,dc=ac,dc=in' '(uid=jmaan*)' SASL/DIGEST-MD5 authentication started Please enter your password: ldap_sasl_interactive_bind_s: Invalid credentials (49) additional info: SASL(-13): user not found: no secret in database [EMAIL PROTECTED] ~]# The output of ldapwhoami command is as shown below with -x and -D options:- [EMAIL PROTECTED] openldap]# ldapwhoami -D "cn=Manager,dc=nits,dc=ac,dc=in " -W Enter LDAP Password: SASL/DIGEST-MD5 authentication started ldap_sasl_interactive_bind_s: Invalid credentials (49) additional info: SASL(-13): user not found: no secret in database [EMAIL PROTECTED] openldap]# ldapwhoami -x -D "cn=Manager,dc=nits,dc=ac,dc=in " -W Enter LDAP Password: dn:cn=Manager,dc=nits,dc=ac,dc=in Result: Success (0) [EMAIL PROTECTED] openldap]# [EMAIL PROTECTED] openldap]# ldapwhoami -x "cn=Manager,dc=nits,dc=ac,dc=in " anonymous Result: Success (0) [EMAIL PROTECTED] openldap]# Is it necessary to create a userid and a password in the sasldb using saslpasswd2 :- Though i created a saslpasswd2 for the user "jmaan" for performing the ldapsearch, without using -x, it is yet not successful. Please give me hints why it is as such unsuccessful and shown above, without std output from the console. One more thind my ldap server is on Linux fedora o.s. Thanking you in anticipation, Jyotishmaan With Thanks and Regards, Jyotishmaan Ray Moderator Of Paradise Groups http://yahoogroups.com/group/Spirituality-Paradise <http://yahoogroups.com/group/Spirituality-Paradise> Are You Spiritually Aware !!! Are You Enjoying Yourself !!! See What All You Had Been Missing !!!! Please Join Immediately By Sending A Blank Mail @ [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]> _____ Looking for last minute shopping deals? Find <http://us.rd.yahoo.com/evt=51734/*http://tools.search.yahoo.com/newsearch/c ategory.php?category=shopping> them fast with Yahoo! Search. Australia Post is committed to providing our customers with excellent service. If we can assist you in any way please telephone 13 13 18 or visit our website. The information contained in this e-mail communication may be proprietary, confidential or legally professionally privileged. It is intended exclusively for the individual or entity to which it is addressed. You should only read, disclose, re-transmit, copy, distribute, act in reliance on or commercialise the information if you are authorised to do so. Australia Post does not represent, warrant or guarantee the integrity of this e-mail communication has been maintained nor that the communication is free of errors, virus or interference. If you are not the addressee or intended recipient please notify us by replying direct to the sender and then destroy any electronic or paper copy of this message. Any views expressed in this e-mail communication are taken to be those of the individual sender, except where the sender specifically attributes those views to Australia Post and is authorised to do so.
