R H wrote:
rootdn "cn=admin,o=testcompany.com [..] however I've noticed, that *cn=admin,o=testcompany.com* entry doesn't exists, while it did using the default config after i've installed openldap.
The rootdn can be used without an LDAP entry existing for it. Otherwise you would have an hen-and-egg-problem when starting with an empty DB.
access to attrs=userPassword,shadowLastChange by dn="cn=admin,o=testcompany.com" write by anonymous auth by self write by * none [..] However (this is where my problem is) when i try to log into Redmine with a user that i've just created (with ldap authentication) i always get Invalid credentials error
You should likely check your ACLs. Order is significant in all parts: Order of access directives and order if <who> clauses.
https://www.openldap.org/doc/admin24/access-control.html
https://www.openldap.org/faq/data/cache/189.html
(while it works like a charm when i login with any other account, created with Simple Authentication)
This sentence does not make sense to me.
In Redmine, I've configured and tested the *ldap authentication*.
You'd better test with OpenLDAP command-line tools first, e.g. ldapsearch for testing the redmine user search and ldapwhoami for testing the password authentication.
These events led me to believe that the error is in the LDAP configuration. After a few more hours/days of fooling around with the *ACL*s and *dpkg-reconfigure slapd*
I'd recommend to write your slapd.conf completely yourself and don't use any external configuration tool. This leads to reproducible results and better insights.
Ciao, Michael.