ldap - authentication failed using ldapsearch -
i created local ldap server apache directory studio. user entry created uid "djiao1" , password "123456" (sha hashed password).
i able search user following ldapsearch command:
ldapsearch -h ldap://localhost:10389 -x uid=djiao1 # extended ldif # # ldapv3 # base <> (default) scope subtree # filter: uid=djiao1 # requesting: # # djiao, users, example.com dn: cn=djiao,ou=users,dc=example,dc=com sn: jiao cn: djiao objectclass: top objectclass: inetorgperson objectclass: person objectclass: organizationalperson userpassword:: e3noyx1mrxfoq2nvm1lxowg1wlvnbeqzq1pkvdrsqnm9 uid: djiao1 # search result search: 2 result: 0 success # numresponses: 2 # numentries: 1
however if run -w prompt password , type in "123456" "invalid credentials" error:
ldapsearch -h ldap://localhost:10389 -w -x uid=djiao1 enter ldap password: ldap_bind: invalid credentials (49) additional info: invalid_credentials: bind failed: invalid authentication
i tried long string shown userpassword e3noyx1mrxfoq2nvm1lxowg1wlvnbeqzq1pkvdrsqnm9
, still got same error.
the below screenshot verification successful password 123456 user. why doesn't password work?
i suppose problem not use login, use password, try this:
ldapsearch -x -lll -h ldap://localhost:10389/ -b dc=example,dc=com -d "cn=djiao,ou=users,dc=example,dc=com" -w 123456 uid=djiao1
the key moment here full dn of user password use:
cn=djiao,ou=users,dc=example,dc=com
Comments
Post a Comment