Hello,
I have OpenLDAP running on Ubuntu 12.04. I use it as a central directory for authentication as well as a contact list.
Authentication with LDAP works, both locally and remotely. Authentication via Samba (running on the same server as OpenLDAP) also works.
However, while setting up the mail system (dovecot + postfix) I encountered a problem that is new to me. When I try to bind to LDAP as a "normal" user (here: bjoern), it fails with wrong credentials. I can assure you that I did not mistype the password (I tried multiple times). Login to the Linux system and Samba with the same credentials (i.e. bjoern and his password) works.
Here is the part of syslog I expect to be the cause:
Jun 17 19:36:45 server slapd[23241]: <<< dnPrettyNormal: <cn=bjoern,ou=Users,dc=domain,dc=my>, <cn=bjoern,ou=users,dc=domain,dc=my>
Jun 17 19:36:45 server slapd[23241]: conn=1003 op=0 BIND dn="cn=bjoern,ou=Users,dc=domain,dc=my" method=128
Jun 17 19:36:45 server slapd[23241]: do_bind: version=3 dn="cn=bjoern,ou=Users,dc=domain,dc=my" method=128
Jun 17 19:36:45 server slapd[23241]:
Jun 17 19:36:45 server slapd[23241]: ==> hdb_bind: dn: cn=bjoern,ou=Users,dc=domain,dc=my
Jun 17 19:36:45 server slapd[23241]: bdb_dn2entry("cn=bjoern,ou=users,dc=domain,dc=my")
Jun 17 19:36:45 server slapd[23241]: daemon: epoll: listen=8 active_threads=0 tvp=zero
Jun 17 19:36:45 server slapd[23241]: => hdb_dn2id("cn=bjoern,ou=users,dc=domain,dc=my")
Jun 17 19:36:45 server slapd[23241]: daemon: epoll: listen=9 active_threads=0 tvp=zero
Jun 17 19:36:45 server slapd[23241]: daemon: epoll: listen=10 active_threads=0 tvp=zero
Jun 17 19:36:45 server slapd[23241]: daemon: epoll: listen=11 active_threads=0 tvp=zero
Jun 17 19:36:45 server slapd[23241]: <= hdb_dn2id: get failed: DB_NOTFOUND: No matching key/data pair found (-30987)
Jun 17 19:36:45 server slapd[23241]: send_ldap_result: conn=1003 op=0 p=3
Jun 17 19:36:45 server slapd[23241]: send_ldap_result: err=49 matched="" text=""
Jun 17 19:36:45 server slapd[23241]: send_ldap_response: msgid=1 tag=97 err=49
As I configure OpenLDAP "old school" with slapd.conf, here is the ACL set in slapd.conf:
access to attrs=userPassword,shadowLastChange,sambaLMPassword,sambaNTPassword
    by anonymous auth
    by self write
    by * none
access to *
    by dn="cn=root,dc=domain,dc=my" write
    by * read
access to dn.base=""
    by * read
Googling for the above "DB_NOTFOUND", the only hint I could find was wrong file permissions. As I have set up my system for quick backup / restore, I gave it a try and did "chmod -R 777 /" and also disabled apparmor. Yet, there was no difference in the error message.
Could you please give me any indication for a solution?
Kind regards
Bjoern Wuest
Hausener Strasse 6a 82269 Geltendorf Mobile: +49 1522 8777840
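
Added example, not part of the original message: in the trace above, slapd returns err=49 directly after hdb_dn2id fails with DB_NOTFOUND, so the same result code covers both a missing entry at the bind DN and a rejected password. The sketch below separates the two cases in a slapd debug trace; it assumes the lines of one operation are not interleaved with another's, and the conn=1004 lines and the cause labels are constructed for contrast.

```python
import re

BIND = re.compile(r'conn=(\d+) op=(\d+) BIND dn="([^"]*)"')
NOTFOUND = re.compile(r'[hb]db_dn2id: get failed: DB_NOTFOUND')
RESULT = re.compile(r'send_ldap_result: err=(\d+)')

def classify_binds(lines):
    """Return one record per BIND found in a slapd debug trace.

    Assumption: the trace of one operation is not interleaved with others.
    """
    results, current = [], None
    for line in lines:
        m = BIND.search(line)
        if m:
            current = {"conn": int(m.group(1)), "op": int(m.group(2)),
                       "dn": m.group(3), "entry_found": True}
            continue
        if current is None:
            continue  # ignore lines that precede any BIND
        if NOTFOUND.search(line):
            current["entry_found"] = False  # backend has no entry for this DN
            continue
        m = RESULT.search(line)
        if m:
            err = current["err"] = int(m.group(1))
            if err == 0:
                current["cause"] = "bind ok"
            elif err == 49 and not current["entry_found"]:
                current["cause"] = "no entry at bind DN"
            elif err == 49:
                current["cause"] = "entry lookup did not fail; credentials rejected"
            else:
                current["cause"] = "other error"
            results.append(current)
            current = None
    return results

SAMPLE = [
    # From the trace in the message above.
    'slapd[23241]: conn=1003 op=0 BIND dn="cn=bjoern,ou=Users,dc=domain,dc=my" method=128',
    'slapd[23241]: => hdb_dn2id("cn=bjoern,ou=users,dc=domain,dc=my")',
    'slapd[23241]: <= hdb_dn2id: get failed: DB_NOTFOUND: No matching key/data pair found (-30987)',
    'slapd[23241]: send_ldap_result: conn=1003 op=0 p=3',
    'slapd[23241]: send_ldap_result: err=49 matched="" text=""',
    # Constructed, simplified lines: err=49 without a failed DN lookup.
    'slapd[23241]: conn=1004 op=0 BIND dn="cn=alice,ou=Users,dc=example,dc=org" method=128',
    'slapd[23241]: send_ldap_result: err=49 matched="" text=""',
]

if __name__ == "__main__":
    for rec in classify_binds(SAMPLE):
        print(rec["conn"], rec["dn"], "->", rec["cause"])
```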