headers
wenlai wang | 2 Aug 2006 01:45
Picon
Favicon

Re: access problem when I try to do ldapsearch with openldap 2.3.24

I use the following ldapsearch command, but still have some problems, please correct if anything is wrong here:
 
 ./ldapsearch -h sol-apollo -p 389 -x -b  "ou=Groups,dc=testdomain,dc=com" -D  "cn=Manager,dc=testdomain,dc=com" -w secret "(objectclass=*)"
 
Problems:
slapd starting
=> access_allowed: search access to ou=Groups,dc=callidussoftware,dc=com" "objectClass" requested
<= root access granted
=> access_allowed: read access to "ou=Groups,dc=testdomain,dc=com" "entry" requested
<= root access granted
=> access_allowed: read access to "ou=Groups,dc=testdomain,dc=com" "objectClass" requested
<= root access granted
=> access_allowed: read access to "ou=Groups,dc=testdomain,dc=com" "ou" requested
<= root access granted
=> access _allowed: search access to "cn=Reconciler,ou=Groups,dc=testdomain,dc=com" "objectClass" requested
<= root access granted
=> access_allowed: read access to "cn=Reconciler,ou=Groups,dc=testdomain,dc=com" "entry" requested
<= root access granted
=> access_allowed: read access to "cn=Reconciler,ou=Groups,dc=testdomain,dc=com" "objectClass" requested
<= root access granted
=> access_allowed: read access to "cn=Reconciler,ou=Groups,dc=testdomain,dc=com" "cn" requested
<= root access granted
=> access_allowed: read access to "cn=Reconciler,ou=Groups,dc=testdomain,dc=com" "member" requested



Quanah Gibson-Mount <quanah-FGKo4X94FMn2fBVCVOL8/A@public.gmane.org> wrote:


--On Tuesday, August 01, 2006 3:57 PM -0700 wenlai wang
wrote:

>
> Many thanks to your prompt reply, I tried your advice, still have
> problem:
>
># ./ldapsearch -x -b "ou=Groups,d=ctestdomain,dc=com" -w secret
># "(objectclass=*)"
> ldap_bind: Invalid credentials (49)

This would imply that "secret" is not a valid password for your unspecified
bind DN. You probably want to specify a DN to bind as with the "-D" flag.
Or else get rid of "-w secret" so that you do a purely anonymous search.

--Quanah

--
Quanah Gibson-Mount
Principal Software Developer
ITS/Shared Application Services
Stanford University
GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html

---
You are currently subscribed to ldap-63aXycvo3TyHXe+LvDLADg@public.gmane.org as: [wenlaiw99-/E1597aS9LQAvxtiuMwx3w@public.gmane.org]
To unsubscribe send email to ldap-request-63aXycvo3TyHXe+LvDLADg@public.gmane.org with the word UNSUBSCRIBE as the SUBJECT of the message.

Do you Yahoo!?
Next-gen email? Have it all with the all-new Yahoo! Mail Beta.
Permalink | Reply |
headers
Quanah Gibson-Mount | 2 Aug 2006 01:53
Picon
Favicon

Re: access problem when I try to do ldapsearch with openldap 2.3.24


--On Tuesday, August 01, 2006 4:45 PM -0700 wenlai wang 
<wenlaiw99@...> wrote:

>
> I use the following ldapsearch command, but still have some problems,
> please correct if anything is wrong here:
>
>  ./ldapsearch -h sol-apollo -p 389 -x -b
> "ou=Groups,dc=testdomain,dc=com" -D  "cn=Manager,dc=testdomain,dc=com" -w
> secret "(objectclass=*)"

What "problem" do you think exists?  It is requesting the entry when the 
search is being performed.  All that the word "entry" indicates is that 
you've requested the entire entry, rather than specific attributes.

--Quanah

--
Quanah Gibson-Mount
Principal Software Developer
ITS/Shared Application Services
Stanford University
GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html
Permalink | Reply |

Gmane