This is output for ldapsearch, I am not sure it's much different from the
previous post.
=> access_allowed: auth access to "uid=testuser,ou=People,dc=myorg,dc=com"
"userPassword" requested
=> acl_get: [1] attr userPassword
=> slap_access_allowed: result not in cache (userPassword)
=> acl_mask: access to entry "uid=testuser,ou=People,dc=myorg,dc=com", attr
"userPassword" requested
=> acl_mask: to value by "", (=0)
<= check a_dn_pat: *
<= acl_mask: [1] applying write(=wrscxd) (stop)
<= acl_mask: [1] mask: write(=wrscxd)
=> slap_access_allowed: auth access granted by write(=wrscxd)
=> access_allowed: auth access granted by write(=wrscxd)
send_ldap_result: conn=0 op=1 p=3
send_ldap_result: err=49 matched="" text=""
send_ldap_response: msgid=2 tag=97 err=49
Here is my ACL now:
access to attrs=userPassword
by * write
by * read
access to *
by * read
This is my LDAP build options:
./configure --prefix=/opt --enable-bdb --enable-crypt --enable-spasswd
--with-threads
--with-tls --with-cyrus-sasl --without-kerberos --disable-ipv6
--enable-slurpd --enable-cleartext --enable-wrappers
I am not sure this info will help anything :
LDFLAGS=-L/opt/lib -L/usr/local/BerkeleyDB.4.6/lib -L/opt/ssl/lib
-L/opt/lib/sasl2 -L/usr/lib -R/opt/ssl/lib -R/opt/lib/sasl
-L/usr/local/ssl/lib
CPPFLAGS=-I/opt/lib -I/opt/ssl/include -I/usr/local/BerkeleyDB.4.6/include
-I/opt/include/sasl
Thanks,
On Wed, Mar 19, 2008 at 10:23 AM, Buchan Milne <[EMAIL PROTECTED]>
wrote:
> On Wednesday 19 March 2008 15:40:13 Kevin Kim wrote:
> > I did same option as ldapadd, but I am not getting any output.
> >
> > /opt/bin/ldapsearch -Z -x -W -D "ou=People,dc=myorg,dc=com"
> > "(objectclass=*)"
> > Enter LDAP Password:
>
> Generally, debugging at the client side is not useful if you know exactly
> what
> the client was trying, the error:
>
> > ldap_bind: Invalid credentials (49)
>
> is sufficient.
>
> So, to me it looks like ou=People,dc=myorg,dc=com does not have the
> password
> you think it does, or the access controls to userPassword are too strict,
> or
> the password hash you are using is not supported by your build.
>
> At this point it's probably best asking how you compiled slapd (what
> configure
> options, what linker flags you used).
>
> Regards,
> Buchan
>
