Theunis De Klerk wrote:
> 32-bit or 64-bit?
>
64-bit.
> I'm not sure what you mean by "using profiles in ldap".
>
A person is technically just an entry with attributes.
> Does ldapsearch work? Can you try
> /usr/bin/ldapsearch -x -D "uid=username,ou=people,dc=yoursuffix,dc=com"
> -w thepassword -s base -b ""
> ?
>
Yes that works fine.
Wait - you mean ldapsearch -D
"uid=username,ou=people,dc=yoursuffix,dc=com" -w thepassword works? So
the user is able to successfully authenticate using the password after
upgrade using ldapsearch? Just not with some other tool?
* ldapsearch works
* OS login fails
* Apache mod_ldap fails
* other apps?
I'm trying to figure out what the common thread is here.
For the apps that fail - can you take a look at the directory server
access log in /var/log/dirsrv/slapd-instance/access and see what the
sequence of operations is? I just want to see if those apps are
attempting to retrieve the userPassword attribute and doing the password
comparison themselves, or using the LDAP Compare operation, rather than
just doing an LDAP BIND operation with the clear text password (which is
what ldapsearch -x -D "dn" -w cleartextpw does
That's what I don't get. All the data is there! I can
even search for a user and all their information is there. Even the
password.
--
389 users mailing list
389-users(a)redhat.com
https://www.redhat.com/mailman/listinfo/fedora-directory-users