ldapscripts by default tries to use /etc/ldap.secret generated by libnss-ldap, but it fails because it contains a trailing new line.
This is the error found in /var/log/ldapscripts.log:
ldap_bind: Invalid credentials (49)
That's because /etc/ldap.secret is created by libnss-ldap with a trailing new line, which is not compatible with ldapadd.
I can think of 3 possible solutions:
1) strip that new line in /usr/share/ldapscripts/runtime.debian
2) change the libnss-ldap package to save the password in /etc/ldap.secret without the new line
3) drop the support for this feature, so don't even try to use /etc/ldap.secret and update /usr/share/ldapscripts/runtime.debian, /etc/ldapscripts/ldapscripts.conf and the documentation accordingly
Imho removing this feature (solution 3) would be a bit of a shame as it almost works.
Hi there,
ldapscripts by default tries to use /etc/ldap.secret generated by libnss-ldap, but it fails because it contains a trailing new line. ldapscripts. log:
This is the error found in /var/log/
ldap_bind: Invalid credentials (49)
That's because /etc/ldap.secret is created by libnss-ldap with a trailing new line, which is not compatible with ldapadd. ldapscripts/ runtime. debian ldapscripts/ runtime. debian, /etc/ldapscript s/ldapscripts. conf and the documentation accordingly
I can think of 3 possible solutions:
1) strip that new line in /usr/share/
2) change the libnss-ldap package to save the password in /etc/ldap.secret without the new line
3) drop the support for this feature, so don't even try to use /etc/ldap.secret and update /usr/share/
Imho removing this feature (solution 3) would be a bit of a shame as it almost works.
Thanks,
Giacomo