Fred Zinsli wrote:
This issue has now been resolved. The command I used to set/change the password was incomplete.
This command allowed me to set the password: slappasswd -h {CRYPT} -c '$2a$05$%.24s'
I doubt that this solved your problem if you did not undertake any additional action.
The command-line tool slappasswd only outputs the hashed password to stdout. It does not modify the in-directory password of an entry or the rootdn's password in slapd.conf. You have to manually do that yourself.
See man 8 slappasswd:
"Slappasswd is used to generate an userPassword value suitable for use with ldapmodify(1) or slapd.conf(5) rootpw configuration directive."
Also you should use slappasswd -h {SSHA} (salted SHA-1) since hashes generated with {CRYPT} are platform-specific and might cause trouble when migrating the directory to another platform.
Note that if using SASL/DIGEST-MD5 then you need the password value to be stored as cleartext in attribute 'userPassword'. I guess that was your real problem.
Ciao, Michael.
Regards
Fred
-----Original Message----- From: "Fred Zinsli" fred.zinsli@shooter.co.nz To: openldap-technical@openldap.org Date: Sat, 05 Jul 2008 08:59:02 +1200 Subject: Trouble setting password
Hello everyone
Newby here. I am having trouble getting started with my new ldap install.
I got it installed on FC8 and am now attempting to configure it.
I am attempting to setup the default password and I am getting this message.
[root@dofiss ~]# ldappasswd SASL/DIGEST-MD5 authentication started Please enter your password: ldap_sasl_interactive_bind_s: Invalid credentials (49) additional info: SASL(-13): user not found: no secret in database
This is my second day on trying to sort this out so any comments would be most helpful.
Regards
Fred