On Thu, Oct 6, 2011 at 9:50 AM, Craig White craig.white@ttiltd.com wrote:
Obviously there is something that I don't understand because I would expect to be able to bind using CN as well as UID attribute...
version: 2.4.21-0ubuntu5.5
***** this as you can see works *****
# ldapsearch -x -D 'uid=cwhite,ou=people,dc=ttinet,dc=local' -W '(uid=cwhite)' uid, cn
Enter LDAP Password:
# extended LDIF
#
# LDAPv3
# base <dc=ttinet,dc=local> (default) with scope subtree
# filter: (uid=cwhite)
# requesting: uid, cn
#

# cwhite, people, ttinet.local
dn: uid=cwhite,ou=people,dc=ttinet,dc=local
cn: Craig White

# search result
search: 2
result: 0 Success

# numResponses: 2
# numEntries: 1

***** same as above but using cn instead of uid *****
# ldapsearch -x -D 'cn=Craig White,ou=people,dc=ttinet,dc=local' -W '(uid=cwhite)' uid, cn
Enter LDAP Password:
ldap_bind: Invalid credentials (49)
I have to believe that if this is an ACL issue, then the very first rule is the problem...
olcAccess: {0}to attrs=userPassword,shadowLastChange by dn.exact="uid=administrator,ou=people,dc=ttinet,dc=local" write by self write by anonymous auth by * none
What is it that I am missing?
-- Craig White ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ craig.white@ttiltd.com 1.800.869.6908 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ www.ttiassessments.com
I guess it is not a matter of CN or UID; you can only bind using a DN and a valid
password. The key is the DN: you can search for the DN using any attribute and then do the bind using the DN.
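
The search-then-bind flow described in the reply above, as an added example that is not part of the original thread. It uses a constructed in-memory directory instead of a real slapd; the function names, the simplified DN comparison and the sample password are assumptions made for illustration.

```python
import hmac

SUCCESS = 0
INVALID_CREDENTIALS = 49  # the result code ldapsearch printed in the thread

# Constructed sample entry modelled on the thread; the password is made up.
DIRECTORY = {
    "uid=cwhite,ou=people,dc=ttinet,dc=local": {
        "uid": "cwhite", "cn": "Craig White", "userPassword": "s3cret-example"},
}

def normalize_dn(dn):
    # Simplified DN matching (assumption): lower-case and trim each RDN.
    return ",".join(part.strip().lower() for part in dn.split(","))

def simple_bind(dn, password):
    """A bind names an entry by its DN; attribute values are never consulted."""
    for entry_dn, attrs in DIRECTORY.items():
        if normalize_dn(entry_dn) == normalize_dn(dn):
            ok = hmac.compare_digest(attrs["userPassword"].encode(),
                                     password.encode())
            return SUCCESS if ok else INVALID_CREDENTIALS
    # An unknown DN gets the same code as a wrong password, so the
    # client cannot tell which DNs exist.
    return INVALID_CREDENTIALS

def find_dn(attr, value):
    """Search step: resolve any attribute (cn, uid, ...) to exactly one DN."""
    matches = [dn for dn, attrs in DIRECTORY.items()
               if attrs.get(attr, "").lower() == value.lower()]
    return matches[0] if len(matches) == 1 else None  # refuse ambiguity

def login(attr, value, password):
    """Search for the DN first, then bind with that DN."""
    dn = find_dn(attr, value)
    # A simple bind with an empty password is an unauthenticated bind that
    # many servers accept, so reject it before binding.
    if dn is None or not password:
        return INVALID_CREDENTIALS
    return simple_bind(dn, password)

if __name__ == "__main__":
    pw = "s3cret-example"
    print(simple_bind("uid=cwhite,ou=people,dc=ttinet,dc=local", pw))
    print(simple_bind("cn=Craig White,ou=people,dc=ttinet,dc=local", pw))
    print(find_dn("cn", "Craig White"))
    print(login("cn", "Craig White", pw))
```
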