Re: OpenLDAP problem

2007-01-08 Thread Petr Janda

Took me 2 hours to figure out I missed adding this ACL:

access to attrs=userPassword
   by self write
   by * auth

*rolls eyes*

Cheers though,

Petr

Simon 'corecode' Schubert wrote:

Petr Janda wrote:

but when I try to bind:

porncatalog# ldapsearch -D "uid=dns,ou=daemons,dc=webgate,dc=net,dc=au" -W

Enter LDAP Password:
ldap_bind: Invalid credentials (49)


either you may have to set the password with ldappasswd or such so 
that you have it crypted, or maybe you have to pass -x?


aside from that, what are the credentials for the root dn of the 
server?  ldapsearch has to start somewhere I guess.  What about 
ldapsearch -b cn=somezone,ou=zones,dc=webgate,dc=net,dc=au ?


switching on debugging in the ldap server helps a lot.

cheers
 simon
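
The two access directives quoted in this thread, put together as one slapd.conf fragment. This is an added example, not part of the original posts; it reuses the thread's DNs and assumes the client binds with exactly the DN named in the second directive.

```conf
# slapd.conf access-control fragment (added example, DNs taken from the thread)

# BEFORE: this was the only access directive in the database.
# As soon as any "access to" line is present, slapd ends the list with an
# implicit "access to * by * none". Nothing then grants a not-yet-
# authenticated client "auth" access to userPassword, so slapd cannot
# compare the password during a simple bind and answers
# "Invalid credentials (49)". The rootdn is not subject to access
# control, which is why binding as cn=Manager kept working.
#
# access to dn.children="ou=zones,dc=webgate,dc=net,dc=au"
#    by dn="uid=dns,ou=daemons,dc=webgate,dc=net,dc=au" read

# AFTER: the rule from the follow-up post, placed first.
# "by self write" lets an entry change its own password.
# "by * auth" lets everyone else use the attribute for bind
# comparison only; it can be neither read nor searched.
access to attrs=userPassword
   by self write
   by * auth

# The service account may read the zone data and nothing else.
# Every directive carries an implicit trailing "by * none".
access to dn.children="ou=zones,dc=webgate,dc=net,dc=au"
   by dn="uid=dns,ou=daemons,dc=webgate,dc=net,dc=au" read

# Check after restarting slapd, using a simple bind (-x) as suggested
# in the reply:
#   ldapsearch -x -W \
#     -D "uid=dns,ou=daemons,dc=webgate,dc=net,dc=au" \
#     -b "ou=zones,dc=webgate,dc=net,dc=au"
```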





Re: OpenLDAP problem

2007-01-08 Thread Simon 'corecode' Schubert

Petr Janda wrote:

but when I try to bind:

porncatalog# ldapsearch -D "uid=dns,ou=daemons,dc=webgate,dc=net,dc=au" -W
Enter LDAP Password:
ldap_bind: Invalid credentials (49)


either you may have to set the password with ldappasswd or such so that you 
have it crypted, or maybe you have to pass -x?

aside from that, what are the credentials for the root dn of the server?  
ldapsearch has to start somewhere I guess.  What about ldapsearch -b 
cn=somezone,ou=zones,dc=webgate,dc=net,dc=au ?

switching on debugging in the ldap server helps a lot.

cheers
 simon

--
Serve - BSD +++  RENT this banner advert  +++ASCII Ribbon   /"\
Work - Mac  +++  space for low €€€ NOW!1  +++  Campaign \ /
Party Enjoy Relax   |   http://dragonflybsd.org  Against  HTML   \
Dude 2c 2 the max   !   http://golden-apple.biz   Mail + News   / \





OpenLDAP problem

2007-01-08 Thread Petr Janda

Hey,

I can easily bind to my LDAP server with cn=Manager..., I've set up an 
ou=daemons, so my DNS server can bind to the LDAP server via something 
other than cn=Manager. I've added an entry into the ou called cn=dns.


dn: cn=dns,ou=daemons,dc=webgate,dc=net,dc=au
objectClass: top
objectClass: inetOrgPerson
userPassword: test
cn: dns
sn: dns

I've got an access list for that user:

access to dn.children="ou=zones,dc=webgate,dc=net,dc=au"
   by dn="uid=dns,ou=daemons,dc=webgate,dc=net,dc=au" read

But when I try to bind:

porncatalog# ldapsearch -D "uid=dns,ou=daemons,dc=webgate,dc=net,dc=au" -W
Enter LDAP Password:
ldap_bind: Invalid credentials (49)


Any ideas please?

Petr