On Friday 05 October 2007 18:21:29 Dan Denton wrote:
Hello list,
I've been halfway successful so far in setting up an ldap server, but have run into issues when setting passwords using ldappasswd. The server is RHEL 4, running openldap-2.2.13-7.4E (server and clients) provided by RedHat.
If you're just starting ... you may want to reconsider using an ancient version of openldap that is no longer supported.
There are alternatives: http://staff.telkomsa.net/packages/rhel4/openldap/
I've successfully gotten the server listening, and have added entries to the database, and can even access it from my outlook installation (browsing of course).
When I run the following command on my ldap server, I get the following output:
[root@TESTBED002 sbin]# ldappasswd -WS -D 'cn=root,ou=users,dc=remitpro,dc=local' jdoe -d 300 New password: Re-enter new password: Enter LDAP Password: request 1 done SASL/DIGEST-MD5 authentication started request 2 done Please enter your password: request 3 done ldap_sasl_interactive_bind_s: Internal (implementation specific) error (80) additional info: SASL(-13): user not found: no secret in database
The first two prompts seem pretty straightforward, in that it seems to be asking for the user's new password. The second and third have me stumped. Is the second password (LDAP Password) the bind password for the root user? If so, by entering that, the result is being sent straight to the final error message. If I hit enter (blank) at that prompt, I'm sent to the 'MD5' prompt, and which point anything I enter gets me the final error message.
Assuming you haven't configured SASL, and you have rootpw set in slapd.conf, you probably: 1)Need to use the -x flag to not use SASL 2)instead of providing jdoe, you may want to provide the DN of the user. 3)Use the correct rootdn
So, you may have more success with:
# ldappasswd -x -D cn=root,dc=remitpro,dc=local -W -S cn=jdoe,ou=users,dc=remitpro,dc=local
rootdn "cn=root,dc=remitpro,dc=local" rootpw secret
dn: cn=jdoe,ou=users,dc=remitpro,dc=local
You may want to consult the man pages ...
Regards, Buchan