Tianyin Xu wrote:
Hi, all,
I'm using Ubuntu 10.04 and LDAP 2.4.23. I'm having difficulty with the basic binding.
I don't want to allow anonymous ldapsearch on the LDAP server, so I specify a dn and password for the bind. If I use the following parameters for ldapsearch:
ldapsearch -b "dc=ucsd,dc=edu" -D "cn=admin,dc=ucsd,dc=edu" -w 1234
This works quite fine. Then, I write the parameters into ldap.conf as follows:
-----------------ldap.conf-----------------------
BASE dc=ucsd,dc=edu
BINDDN cn=admin,dc=ucsd,dc=edu
BINDPW 12345
Then only BASE has effect. According to the ldap.conf manual, BINDDN is a "user-only" attribute and needs to go in ~/.ldaprc; it doesn't mention BINDPW at all.
But searching on the web, I found several cases that used "binddn" and "bindpw" in ldap.conf and worked successfully. So I'm quite confused about these two directives.
Those were not OpenLDAP's ldap.conf. BINDPW isn't mentioned in OpenLDAP documentation because it does not exist in OpenLDAP. Reading non-OpenLDAP documentation and attempting to apply it to OpenLDAP software is a pretty reliable means of confusing yourself.
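
An added example, not part of the original thread or of OpenLDAP: a small shell check that flags the two problems described above in a client config file. The function name check_ldap_conf and its scope argument are assumptions made for this example; the sample file is constructed from the post.

```shell
#!/bin/sh
# Added example: lint an OpenLDAP client config file for the two
# directives discussed in this thread.
#   check_ldap_conf FILE SCOPE   SCOPE is "system" (ldap.conf) or "user" (~/.ldaprc)
# Prints one finding per line; returns 1 if anything was flagged, else 0.
check_ldap_conf() {
    awk -v scope="$2" '
        BEGIN { bad = 0 }
        /^[ \t]*(#|$)/ { next }            # skip comments and blank lines
        { key = toupper($1) }              # option names are case-insensitive
        key == "BINDPW" {
            # Not an OpenLDAP option: never used for the bind, yet the
            # password stays readable in the file.
            printf "%d: BINDPW is not an OpenLDAP option; remove it and use ldapsearch -W or -y FILE\n", NR
            bad = 1
        }
        key == "BINDDN" && scope == "system" {
            printf "%d: BINDDN is user-only; move it to ~/.ldaprc\n", NR
            bad = 1
        }
        END { exit bad }
    ' "$1"
}

# Constructed sample mirroring the ldap.conf from the post.
sample=$(mktemp)
cat > "$sample" <<'EOF'
BASE dc=ucsd,dc=edu
BINDDN cn=admin,dc=ucsd,dc=edu
BINDPW 12345
EOF
check_ldap_conf "$sample" system || echo "findings reported for system-wide file"
rm -f "$sample"
```

Run with scope "user" against ~/.ldaprc, where BINDDN is accepted and only BINDPW is flagged.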