After importing backend.ldif I get "Invalid credentials (49)"
Affects | Status | Importance | Assigned to | Milestone |
---|---|---|---|---|
openldap (Ubuntu) | Expired | Low | Unassigned | |
Bug Description
So I was trying to document configuring a new OpenLDAP install in Maverick but I ran into problems pretty quick. After I import my backend.ldif file I am unable to import the front end because of the error "Invalid credentials (49)".
Here is what I did. I can't see any mistakes so far:
sudo apt-get install slapd ldap-utils
load some additional schema files
sudo ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/
sudo ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/
sudo ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/
create a file called "backend.
-------
# Load dynamic backend modules
dn: cn=module,cn=config
objectClass: olcModuleList
cn: module
olcModulepath: /usr/lib/ldap
olcModuleload: back_hdb
# Database settings
dn: olcDatabase=
objectClass: olcDatabaseConfig
objectClass: olcHdbConfig
olcDatabase: {1}hdb
olcSuffix: dc=lan,dc=local
olcDbDirectory: /var/lib/ldap
olcRootDN: cn=admin,
olcRootPW: secret
olcDbConfig: set_cachesize 0 2097152 0
olcDbConfig: set_lk_max_objects 1500
olcDbConfig: set_lk_max_locks 1500
olcDbConfig: set_lk_max_lockers 1500
olcDbIndex: objectClass eq
olcLastMod: TRUE
olcDbCheckpoint: 512 30
olcAccess: to attrs=userPassword by dn="cn=
olcAccess: to attrs=shadowLas
olcAccess: to dn.base="" by * read
olcAccess: to * by dn="cn=
-------
load it into the LDAP
sudo ldapadd -Y EXTERNAL -H ldapi:/// -f backend.
Create a file called "frontend.
-------
# Create top-level object in domain
dn: dc=lan,dc=local
objectClass: top
objectClass: dcObject
objectclass: organization
o: lan Organization
dc: lan
description: LDAP lan
# Admin user.
dn: cn=admin,
objectClass: simpleSecurityO
objectClass: organizationalRole
cn: admin
description: LDAP administrator
userPassword: secret
dn: ou=people,
objectClass: organizationalUnit
ou: people
dn: ou=groups,
objectClass: organizationalUnit
ou: groups
dn: ou=computers,
objectClass: organizationalUnit
ou: computers
dn: uid=john,
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: shadowAccount
uid: john
sn: Doe
givenName: John
cn: John Doe
displayName: John Doe
uidNumber: 1000
gidNumber: 10000
userPassword: password
gecos: John Doe
loginShell: /bin/bash
homeDirectory: /home/john
shadowExpire: -1
shadowFlag: 0
shadowWarning: 7
shadowMin: 8
shadowMax: 999999
shadowLastChange: 10877
mail: <email address hidden>
postalCode: 31000
l: Toulouse
o: lan
mobile: +33 (0)6 xx xx xx xx
homePhone: +33 (0)5 xx xx xx xx
title: System Administrator
postalAddress:
initials: JD
dn: cn=lan,
objectClass: posixGroup
cn: lan
gidNumber: 10000
-------
import front end configuration
sudo ldapadd -x -D cn=admin,
Here is where I get
"Enter LDAP Password:
ldap_bind: Invalid credentials (49)"
From what I can tell I haven't made any mistake.
Hi,
Did you try to do this:
sudo ldapadd -Y EXTERNAL -H ldapi:/// -f frontend.lan.local.ldif
Could be that you are missing some ACLs for cn=admin