
Craig White 04-19-2010 01:08 PM

Problem with first login
 
On Mon, 2010-04-19 at 17:12 +0800, sync wrote:
> Hi, guys:
>
> I have a problem on the openldap Manager account login:
>
> The server is running CentOS 5.3 i386 and I have
> phpldapadmin-1.0.1-1.el5.noarch.rpm installed.
> It's running apache 2.2.3 with php 5.1.6 and openldap 2.3.34.
>
> I believe I have slapd setup correctly but I'm not completely
> sure.
>
> My /etc/openldap/slapd.conf file has...
>
> access to *
>     by self write
>     by * read
>     by anonymous auth
----
this doesn't seem right to me - at the point you do access to * by *,
every other ACL below that becomes meaningless.
----
>
> database bdb
> suffix "dc=my-domain,dc=com"
> rootdn "cn=Manager,dc=my-domain,dc=com"
> rootpw {SSHA}xxxxx
>
> My /etc/ldap.conf has the following lines (among others)...
> host 127.0.0.1
> base dc=my-domain,dc=com
>
> If I do the following command...
>
> ldapsearch -x -D "cn=Manager,dc=my-domain,dc=com" -W
>
> from the command line it asks for a password.
>
> If I type the password I created with slappasswd and have as
> rootpw in slapd.conf it carries on and returns the following (with
> comments removed)...
>
> search: 2
> result: 32 No such object
----
you didn't give it an object to search for
----
>
> So it appears that from the command line authentication with ldap
> is working.
----
yes, it is working
----
>
> In my phpldapadmin config.php file I've modified the following
> lines...
> $ldapservers->SetValue($i,'server','host','127.0.0.1');
> $ldapservers->SetValue($i,'server','port','389');
> $ldapservers->SetValue($i,'server','auth_type','session');
>
> When I go to phpldapadmin and do "Anonymous Bind" it connects and
> allows me to view the ldap tree.
----
yes, you allow that with your ACLs
----
> If I try and login with user "Manager" and the password I use on
> the command line, it doesn't work giving me... "Bad username or
> password. Please try again."
>
> I've also tried putting the following line to my config.php file but
> to no avail...
> $ldapservers->SetValue($i,'server','base',array('my-domain',
> 'com'));
>
> Am I using the correct username?
> Are there any commands I can do to further check my ldap server is
> setup correctly?
> Are there any log files I can look at?
>
> Thanks for all your help.
----
your login 'name' in phpldapadmin would likely have to be the rootbinddn
at this stage... cn=Manager,dc=my-domain,dc=com as I think Alexander has
already pointed out. The 'server' base array should be
'dc=my-domain,dc=com'

Craig
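
The first-match behaviour described in the reply above, as an added example that is not part of the original thread: a simplified Python model of how slapd picks one `access to` clause and then one `by` term. The `SHADOWED` and `REORDERED` rule sets, the function names, and the reduction of `what` to `*` or a single attribute name are assumptions made for illustration; rootdn, which bypasses ACLs, is not modelled.

```python
# Added example: simplified model of slapd's first-match ACL evaluation.
# "what" is reduced to "*" or one attribute name; "who" to self/anonymous/users/*.
LEVELS = ["none", "auth", "compare", "search", "read", "write"]  # each implies those before it

# The ACL quoted in the post: a single catch-all clause.
POSTED = [("*", [("self", "write"), ("*", "read"), ("anonymous", "auth")])]
# Constructed: the same clause with a stricter userPassword rule placed AFTER it.
SHADOWED = POSTED + [("userPassword", [("self", "write"), ("anonymous", "auth")])]
# Constructed: the specific rule moved in front of the catch-all.
REORDERED = [SHADOWED[1], ("*", [("self", "write"), ("*", "read")])]

def who_matches(who, bound, is_self):
    """bound: client has authenticated; is_self: bound DN is the target entry."""
    return {"*": True, "self": bound and is_self,
            "users": bound, "anonymous": not bound}[who]

def effective_access(acl, attr, bound=False, is_self=False):
    """Return (level, clause index, by index) chosen by first-match evaluation."""
    for ci, (what, by_list) in enumerate(acl):
        if what not in ("*", attr):
            continue                      # this clause does not cover attr
        for bi, (who, level) in enumerate(by_list):
            if who_matches(who, bound, is_self):
                return level, ci, bi      # first matching "by" wins, evaluation stops
        return "none", ci, None           # implicit trailing "by * none"
    return "none", None, None             # implicit final "access to * by * none"

def allows(granted, wanted):
    """True if the granted level includes the wanted one."""
    return LEVELS.index(granted) >= LEVELS.index(wanted)

def dead_rules(acl):
    """Rules that can never be selected because an earlier '*' matches first."""
    dead, catch_all_seen = [], False
    for ci, (what, by_list) in enumerate(acl):
        if catch_all_seen:
            dead.append(f"clause {ci}: access to {what}")
            continue
        star = next((i for i, (who, _) in enumerate(by_list) if who == "*"), None)
        if star is not None:
            dead += [f"clause {ci}: by {w} {l}" for w, l in by_list[star + 1:]]
        catch_all_seen = what == "*"
    return dead

if __name__ == "__main__":
    for name, acl in [("posted", POSTED), ("shadowed", SHADOWED), ("reordered", REORDERED)]:
        print(name, effective_access(acl, "userPassword"), dead_rules(acl))
```

With the posted rule an unauthenticated client is granted `read` on every attribute, `userPassword` included, and the trailing `by anonymous auth` is never reached; only the reordered set limits anonymous clients to `auth` on `userPassword`.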

