Hello list,
I have a local OpenLDAP server with a couple of users. I'm using it for development purposes, here's the ldif:
#Top level - the organization
dn: dc=site, dc=com
dc: site
description: OneLogin LLC
objectClass: dcObject
objectClass: organization
o: OneLogin LLC

#Top level - manager
dn: cn=Manager, dc=site, dc=com
objectClass: organizationalRole
cn: Manager

#Second level - organizational units
dn: ou=people, dc=site, dc=com
ou: people
description: All people in the organization
objectClass: organizationalunit

dn: ou=groups, dc=site, dc=com
ou: groups
description: All groups in the organization
objectClass: organizationalunit

#Third level - people
dn: uid=celoserpa, ou=people, dc=site, dc=com
objectclass: pilotPerson
objectclass: uidObject
uid: celoserpa
cn: Marcelo de Moraes Serpa
sn: de Moraes Serpa
userPassword: secret_12345
mail: marcelo@site.com

So far, so good. I can bind with "cn=Manager,dc=site,dc=com" and the 12345678 password (the local server password, set up in slapd.conf).
However, I would like to bind with any user under the people OU. In this case, I'd like to bind with:

dn: uid=celoserpa, ou=people, dc=site, dc=com
userPassword: secret_12345

But I'm getting a (49) - Invalid Credentials error every time. I have tried through CLI tools (such as ldapadd, ldapwhoami, etc) and also ruby/ldap. The bind with these credentials fails with an invalid credentials error.
I was suspecting that maybe OpenLDAP doesn't compare against userPassword? Or maybe there is some ACL configuration I am missing that is somehow affecting the read access to userPassword for the specific DN.
I'm really lost here, any suggestion appreciated!
Cheers,
Marcelo.
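
Added example, not part of the original message: a slapd.conf access-control fragment illustrating the ACL possibility the post raises, with a rule that prevents simple binds shown (commented out) beside one that permits them. The poster's actual slapd.conf is not shown on the page, so the directives below are constructed for illustration.

```conf
# slapd.conf fragment (constructed example). slapd uses the first
# "access to" directive that matches the target, then the first "by"
# clause that matches the requester; an unmatched requester gets none.

# Blocks simple binds: until the bind succeeds the client is anonymous,
# so it matches "by * none" and slapd may not use the stored password
# to authenticate. The client sees (49) Invalid credentials.
#access to attrs=userPassword
#        by self write
#        by * none

# Permits simple binds without exposing the value: anonymous clients
# get only "auth" (the attribute may be used to authenticate a bind),
# the entry's owner may change it, and nobody else may read it.
access to attrs=userPassword
        by self write
        by anonymous auth
        by * none

# Everything else stays readable, matching slapd's behaviour when no
# access directives are configured at all.
access to *
        by * read
```

The rootdn is not subject to access control and authenticates against the rootpw value in slapd.conf, so a working Manager bind says nothing about whether ordinary entries are allowed to authenticate.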