OpenLDAP configuration error ldap_bind: Invalid credentials (49)
Have you tried to connect via CLI?
ldapsearch -x -D "cn=admin,dc=home,dc=local" -W -h <hostname>
Do check your syslog, slapd by default logs its output there.
You can also use slapcat, which must be executed locally, to know whether your database was created or not (slapd would break if otherwise, anyway). It will output the first database avaliable. Use the flag -n to extract an specific database:
slapcat -n <database number>
My bets are that you're authenticating against the wrong database.
PLS
Check my Lattes profile http://buscatextual.cnpq.br/buscatextual/visualizacv.jsp?id=K4461668H9
Updated on August 23, 2022Comments
-
PLS over 1 year
I'm using Ubuntu 10.4 server and I'm trying to configure OpenLDAP as a protocol for authentication for SVN and other services. However I quite don't understand how ldap works and after setting a example config I tried to populate it without success. This is the error:
ldap_bind: Invalid credentials (49)
It seems to be example config problem, more precisely with the admin configuration. However I tried to change it using cryptographic password but got no results. Code config bellow
# Load modules for database type dn: cn=module,cn=config objectclass: olcModuleList cn: module olcModuleLoad: back_bdb.la # Create directory database dn: olcDatabase=bdb,cn=config objectClass: olcDatabaseConfig objectClass: olcBdbConfig olcDatabase: bdb # Domain name (e.g. home.local) olcSuffix: dc=home,dc=local # Location on system where database is stored olcDbDirectory: /var/lib/ldap # Manager of the database olcRootDN: cn=admin,dc=home,dc=local olcRootPW: admin # Indices in database to speed up searches olcDbIndex: uid pres,eq olcDbIndex: cn,sn,mail pres,eq,approx,sub olcDbIndex: objectClass eq # Allow users to change their own password # Allow anonymous to authenciate against the password # Allow admin to change anyone's password olcAccess: to attrs=userPassword by self write by anonymous auth by dn.base="cn=admin,dc=home,dc=local" write by * none # Allow users to change their own record # Allow anyone to read directory olcAccess: to * by self write by dn.base="cn=admin,dc=home,dc=local" write by * read