Mailing Lists: Apple Mailing Lists
 Image of Mac OS face in stamp
Re: ldap_bind: Invalid credentials (49)
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: ldap_bind: Invalid credentials (49)

On Nov 10, 2005, at 5:55 PM, Hong I Ng wrote: 
I am using the included one. I have compared debug
outputs of two ldapadd operations. The first one
succeeded and was done on Fedora Core 4. The second
one failed and was done on Mac OS X 10.4.

It seems that ldapadd has failed while doing the fifth
'ber_get_next' call, i.e., after an 'ldap_bv2dn', two
'ldap_dn2bv's and a 'bdb_dn2id'. The error is
undefined, i.e., errno = 0.

I have attached the two logs in this e-mail. I hope
they won't mess up this e-mail.

Thanks very much for your attention.

Regards,
Hong-I

OK, I think I see the problem... it looks like it's not possible to do a simple bind against the rootdn if your password is specified in cleartext. The workaround would be to use slappasswd like this:

% slappasswd -s secret
{SSHA}ioGadl0574KxRPecJ7Pb5q33j2x/Fi3w

Then you can paste in the resulting hash into your config file as your rootpw directive.

I believe this is due to Mac OS X's version of OpenLDAP being built with --disable-cleartext.

http://darwinsource.opendarwin.org/10.4.3/OpenLDAP-69.0.1/Makefile

-Jason
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Darwin-userlevel mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden







References: 


 >Re: ldap_bind: Invalid credentials (49) (From: Hong I Ng <email@hidden>)























Visit the Apple Store online or at retail locations.

1-800-MY-APPLE


Contact Apple | Terms of Use | Privacy Policy


Copyright © 2011 Apple Inc. All rights reserved.