Enter LDAP Password keeps saying ldap_bind: Invalid credentials (49)

I looked everywhere for a solution to my problem but still didn't find it. I have these two simple files, slapd.conf and mytree.ldif, and when I try to add something to mytree.ldif it keeps asking me for a password (which I believe is the rootpw defined in slapd.conf), but it doesn't work. I really need help with this.

These are my files:

slapd.conf

database dbd
suffix "dc=ers,dc=uminho,dc=pt"
rootdn "cn=Manager,dc=ers,dc=uminho,dc=pt"
rootpw ersadmin
directory /usr/local/var/openldap-data

mytree.ldif

dn: dc=ers, dc=uminho, dc=pt
objectclass: dcObject
objectclass: organization
o: ERS
dc: ers

dn: cn=Manager,dc=ers,dc=uminho,dc=pt
objectclass: organizationalRole
cn: Manager

And this is what I'm trying to do and my response:

sudo ldapadd -x -D "cn=Manager,dc=ers,dc=uminho,dc=pt" -W -f /etc/ldap/mytree.ldif
Enter LDAP Password:
ldap_bind: Invalid credentials (49)

I already tried to encrypt the password using

slappasswd -h {SHA} -s ersadmin

and changing my slapd.conf file

password-hash   {SHA}
rootpw  {SHA}pLEBIPx4rW3eebpwACBGAZkNH4CVBRGW

but it didn't work. Thanks in advance.

Deck answered 2/6, 2011 at 18:43 Comment(1)
Sorry for the terrible looks of my post. - Deck
13

This question may be better suited for http://serverfault.com.

It seems your problem is with the bind (authentication) phase, so you should test with ldapsearch and get that working before you try to modify the database. Try:

ldapsearch -x -D cn=Manager,dc=ers,dc=uminho,dc=pt -w ersadmin

Assuming this gives you the same error, check your OpenLDAP logfile (by default it logs to syslog, although this is system dependent). See if the connection even gets to the server and see why it is rejecting it. If the logfile doesn't give you enough information, enable more debug logging in slapd.conf (trace/acl).

If it's not even seeing the connection, you may be authenticating to some other server; this is usually configured in ${prefix}/etc/ldap.conf.

Also make sure your slapd is actually using your slapd.conf and not another configuration source (it may be using slapd.d or a slapd.conf in a different location).

In addition to the logfile, please also always specify which version of OpenLDAP you are using, as there are vast differences between 2.3 and 2.4 (and even between minor versions).

Sajovich answered 8/6, 2011 at 12:31 Comment(1)
Thanks for the answer Ingmar Hupp. I was working with a friend's PC and now I don't have it. I'm not even working with ldap anymore. I can't tell you any specifics on the version. It was a college assignment, so I probably won't need it again (or at least for a long time). But thanks, once again. - Deck
2

I have faced this issue many times, and here is the solution: check the rootpw you have entered in slapd.conf, as below; a space may have been added in between by chance.

Just copy the below and restart the LDAP service:

database        bdb
suffix          "dc=ldaptest,dc=com"
rootdn          "cn=Manager,dc=ldaptest,dc=com"
rootpw          {SSHA}Bnrl4t23XQxT3uzlC9AxO+hm6DNpps`Hello`

The above is my case; change your distinguished name based on your case. Please let me know once resolved.

Ulla answered 12/9, 2013 at 9:53 Comment(0)
0

For me it's working like this

slappasswd -h {SHA} -s ersadmin

and changing my slapd.conf file (old encrypted)

rootpw  {SHA}pLEBIPx4rW3eebpwACBGAZkNH4CVBRGW
Crockett answered 30/11, 2016 at 5:14 Comment(0)
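
An offline check for the rootpw causes raised in the answers above, added here as an example and not taken from any post: it applies the slapd.conf(5) rule that a line starting with whitespace continues the previous line, then verifies a candidate password against a cleartext, {SHA} or {SSHA} rootpw value. The function names and the example.com sample are assumptions; quoted arguments and multiple database sections are not handled.

```python
import base64
import hashlib
import hmac

DIGEST_LEN = 20  # SHA-1 digest size in bytes

def make_hash(password, salt=b""):
    """Build a {SHA} (no salt) or {SSHA} (salted) value for constructed samples."""
    blob = hashlib.sha1(password.encode() + salt).digest() + salt
    return ("{SSHA}" if salt else "{SHA}") + base64.b64encode(blob).decode()

def effective_directives(conf_text):
    """Join continuation lines (leading whitespace) and split into word lists."""
    logical = []
    for raw in conf_text.splitlines():
        if not raw.strip() or raw.startswith("#"):
            continue
        if raw[0] in " \t" and logical:
            logical[-1] += " " + raw.strip()  # merged into the previous directive
        else:
            logical.append(raw.strip())
    return [line.split() for line in logical]

def check_rootpw(conf_text, candidate):
    """Return (ok, reason) for candidate against the last rootpw directive found."""
    values = [d[1:] for d in effective_directives(conf_text) if d[0].lower() == "rootpw"]
    if not values:
        return False, "no rootpw directive (indented line merged into previous one?)"
    if len(values[-1]) != 1:
        return False, "rootpw must have exactly one argument"
    stored = values[-1][0]
    for scheme, salted in (("{SHA}", False), ("{SSHA}", True)):
        if stored.upper().startswith(scheme):
            try:
                blob = base64.b64decode(stored[len(scheme):], validate=True)
            except ValueError:
                return False, f"{scheme} value is not valid base64"
            # {SHA} is exactly one digest; {SSHA} is a digest followed by a salt.
            if (len(blob) <= DIGEST_LEN) if salted else (len(blob) != DIGEST_LEN):
                return False, f"{scheme} value decodes to {len(blob)} bytes"
            digest, salt = blob[:DIGEST_LEN], blob[DIGEST_LEN:]
            ok = hmac.compare_digest(hashlib.sha1(candidate.encode() + salt).digest(), digest)
            return ok, "match" if ok else "password does not match hash"
    ok = hmac.compare_digest(stored.encode(), candidate.encode())
    return ok, "match" if ok else "cleartext rootpw differs"

if __name__ == "__main__":
    # Constructed sample: the indented rootpw line becomes part of rootdn.
    print(check_rootpw('rootdn "cn=Manager,dc=example,dc=com"\n  rootpw s3cret\n', "s3cret"))
    print(check_rootpw("rootpw " + make_hash("s3cret", b"salt"), "s3cret"))
```

Given the `rootpw  {SHA}pLEBIPx4rW3eebpwACBGAZkNH4CVBRGW` line as it appears on this page, the check reports that the value decodes to 24 bytes, whereas a {SHA} value is exactly 20.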
