On Thu, Oct 6, 2011 at 9:50 AM, Craig White <[email protected]> wrote:
> Obviously there is something that I don't understand because I would expect
> to be able to bind using CN as well as UID attribute...
>
> version: 2.4.21-0ubuntu5.5
>
> ***** this as you can see works *****
> # ldapsearch -x -D 'uid=cwhite,ou=people,dc=ttinet,dc=local' -W '(uid=cwhite)' uid, cn
> Enter LDAP Password:
> # extended LDIF
> #
> # LDAPv3
> # base <dc=ttinet,dc=local> (default) with scope subtree
> # filter: (uid=cwhite)
> # requesting: uid, cn
> #
>
> # cwhite, people, ttinet.local
> dn: uid=cwhite,ou=people,dc=ttinet,dc=local
> cn: Craig White
>
> # search result
> search: 2
> result: 0 Success
>
> # numResponses: 2
> # numEntries: 1
>
> ***** same as above but using cn instead of uid *****
> # ldapsearch -x -D 'cn=Craig White,ou=people,dc=ttinet,dc=local' -W '(uid=cwhite)' uid, cn
> Enter LDAP Password:
> ldap_bind: Invalid credentials (49)
>
> I have to believe that if this is an ACL issue, then the very first rule is
> the problem...
>
> olcAccess: {0}to attrs=userPassword,shadowLastChange
>   by dn.exact="uid=administrator,ou=people,dc=ttinet,dc=local" write
>   by self write
>   by anonymous auth
>   by * none
>
> What is it that I am missing?
>
> --
> Craig White ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> [email protected]
> 1.800.869.6908 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> www.ttiassessments.com
>
I guess it is not a matter of CN or UID; you can only bind using a DN and a valid
password. The key is the DN: you can search for the DN using any attribute and then do
the bind using the DN.
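
The search-then-bind flow described in the reply above, as an added example that is not part of the original thread: it models the directory in memory (constructed entries, placeholder passwords, hypothetical helper names) rather than calling a real LDAP client. It goes slightly beyond the reply by escaping the user-supplied value per RFC 4515 and refusing ambiguous matches and empty passwords.

```python
import re

INVALID_CREDENTIALS = 49  # result code from the failed bind in the thread

# Constructed sample directory; passwords are placeholders.
DIRECTORY = {
    "uid=cwhite,ou=people,dc=ttinet,dc=local":
        {"uid": "cwhite", "cn": "Craig White", "userPassword": "placeholder-1"},
    "uid=administrator,ou=people,dc=ttinet,dc=local":
        {"uid": "administrator", "cn": "Administrator",
         "userPassword": "placeholder-2"},
}

def escape_filter_value(value):
    """Escape the RFC 4515 special characters in an assertion value."""
    special = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\0": r"\00"}
    return "".join(special.get(ch, ch) for ch in value)

def search(filter_str):
    """Toy matcher for '(attr=value)'; a bare '*' value is a presence test."""
    attr, value = re.fullmatch(r"\(([A-Za-z]+)=(.*)\)", filter_str).groups()
    if value == "*":
        return [dn for dn, e in DIRECTORY.items() if attr in e]
    # Decode \xx escapes back to literal characters before comparing.
    value = re.sub(r"\\([0-9a-fA-F]{2})",
                   lambda m: chr(int(m.group(1), 16)), value)
    return [dn for dn, e in DIRECTORY.items()
            if e.get(attr, "").lower() == value.lower()]

def simple_bind(dn, password):
    """Simple bind: the DN must name an entry and the password must match it."""
    entry = DIRECTORY.get(dn)  # literal comparison; real servers normalise DNs
    # An empty password is refused: LDAP treats it as an unauthenticated bind.
    if not password or entry is None or entry["userPassword"] != password:
        return INVALID_CREDENTIALS
    return 0

def login(attr, value, password):
    """Search for the DN by any attribute, then bind as that DN."""
    matches = search("(%s=%s)" % (attr, escape_filter_value(value)))
    if len(matches) != 1:  # no entry, or an ambiguous match: refuse
        return INVALID_CREDENTIALS
    return simple_bind(matches[0], password)
```

Binding as `cn=Craig White,ou=people,dc=ttinet,dc=local` fails in this model for the same reason as in the thread: no entry has that DN, even though an entry has that `cn` value.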