At this point I'm starting to wonder what on earth must've changed. I
didn't tweak any of the configuration files for slapd on the server or
for openldap on either machine. All of the /etc/pam.d files are in the
same configuration that was working for me previously. TLS
configuration is the same with the proper certs in the right areas...
All of these things I confirmed by successful authentication through pam
using ssh and login previously. On the client machine getent passwd is
showing the correct information and as root, getent shadow is showing
all of the information as well. Still, I cannot bind without the -x
with ldapsearch; I can't even run the search anonymously without the
-x. The errors that I am receiving in these cases are:
ldap_sasl_interactive_bind_s: Invalid credentials (49)
additional info: SASL(-13): user not found: no secret in database
Why, when ldap is serving the data properly, is it all of a sudden
complaining about SASL? I really do not want to implement SASL until I
understand it, anyway.
-x Use simple authentication instead of SASL.
your rootdn by passes all ACLs btw, so much of your "write" statements
are useless.
run slapd -d 128 for testing your acls.
--
Kind Regards,
Gavin Henry.
Managing Director.
T +44 (0) 1224 279484
M +44 (0) 7930 323266
F +44 (0) 1224 824887
E [EMAIL PROTECTED]
Open Source. Open Solutions(tm).
http://www.suretecsystems.com/
Suretec Systems is a limited company registered in Scotland. Registered
number: SC258005. Registered office: 13 Whiteley Well Place, Inverurie,
Aberdeenshire, AB51 4FP.
---
You are currently subscribed to ldap@umich.edu as: [EMAIL PROTECTED]
To unsubscribe send email to [EMAIL PROTECTED] with the word UNSUBSCRIBE as the
SUBJECT of the message.