I am seeing invalid credential error logs a lot.

Could you guys let me know how to solve this issue?

Thanks.

 

 

 

Server Log(slurpd -d 2)

 

 

Replicated Log (/usr/sbin/slapd -u ldap -d 2 -h ldap:///)

Slapd.conf

database        bdb

suffix          "dc=ijji,dc=com"

rootdn          "cn=Manager,dc=ijji,dc=com"

rootpw          {SSHA}EpkPadkANDlpX7yfcsa2WbA+bSssh0S4

# Cleartext passwords, especially for the rootdn, should

# be avoided.  See slappasswd(8) and slapd.conf(5) for details.

# Use of strong authentication encouraged.

# rootpw                secret

# rootpw                {crypt}ijFYNcSNctBYg

 

# The database directory MUST exist prior to running slapd AND

# should only be accessible by the slapd and slap tools.

# Mode 700 recommended.

directory       /var/lib/ldap/ijji.com

 

# Indices to maintain for this database

index objectClass                       eq,pres

index ou,cn,mail,surname,givenname      eq,pres,sub

index uidNumber,gidNumber,loginShell    eq,pres

index uid,memberUid                     eq,pres,sub

index nisMapName,nisMapEntry            eq,pres,sub

#updatedn cn=Replication Manager,dc=ijji,dc=com

#updateref ldap://ca1xc115.ijji.com

access to attrs=userPassword

        by self write

                by anonymous auth

                by dn.base="cn=Manager,dc=ijji,dc=com" write

                by * none

access to *

                by self write

                by dn.base="cn=Manager,dc=ijji,dc=com" write

                by * read

 

access to attrs=userPassword

                by self write

                by anonymous auth

                by dn.base="cn=Replication Manager,dc=ijji,dc=com" write

                by * none

access to *

                by self write

                by dn.base="cn=Replication Manager,dc=ijji,dc=com" write

                by * read

# Replicas of this database

replogfile /var/lib/ldap/openldap-master-replog

replica host=ca1xc115.ijji.com:389

        binddn="cn=Replication Manager,dc=ijji,dc=com"

        bindmethod=simple credentials=skdltmwkq

loglevel -1

 

 

 

database        bdb

suffix          "dc=ijji,dc=com"

rootdn          "cn=Manager,dc=ijji,dc=com"

rootpw          {SSHA}EpkPadkANDlpX7yfcsa2WbA+bSssh0S4

# Cleartext passwords, especially for the rootdn, should

# be avoided.  See slappasswd(8) and slapd.conf(5) for details.

# Use of strong authentication encouraged.

# rootpw                secret

# rootpw                {crypt}ijFYNcSNctBYg

 

# The database directory MUST exist prior to running slapd AND

# should only be accessible by the slapd and slap tools.

# Mode 700 recommended.

directory       /var/lib/ldap/ijji.com

 

# Indices to maintain for this database

index objectClass                       eq,pres

index ou,cn,mail,surname,givenname      eq,pres,sub

index uidNumber,gidNumber,loginShell    eq,pres

index uid,memberUid                     eq,pres,sub

index nisMapName,nisMapEntry            eq,pres,sub

updatedn "cn=Replication Manager,dc=ijji,dc=com"

updateref ldap://ca1xc124.ijji.com

access to attrs=userPassword

        by self write

                by anonymous auth

                by dn.base="cn=Manager,dc=ijji,dc=com" write

                by * none

access to *

                by self write

                by dn.base="cn=Manager,dc=ijji,dc=com" write

                by * read

 

access to attrs=userPassword

                by self write

                by anonymous auth

                by dn.base="cn=Replication Manager,dc=ijji,dc=com" write

                by * none

access to *

                by self write

                by dn.base="cn=Replication Manager,dc=ijji,dc=com" write

                by * read

# Replicas of this database

#replogfile /var/lib/ldap/openldap-master-replog

#replica host=ldap-1.example.com:389 starttls=critical

#     bindmethod=sasl saslmech=GSSAPI

#     authcId=host/ldap-master.example.com@EXAMPLE.COM

loglevel -1

 

 

 

 

 

 

Justin Choi

Sr. Security Engineer

NHN USA, Inc.

3353 Michelson Suite 250

Irvine, CA 92612

Mobile (408) 329-8554

MSN iD: counterhacker@live.com

Office (949) 863-1292 ext 256

Fax (949) 863-9418

cid:image001.jpg@01C918D1.78DC6130