I looked everywhere for a solution to my problem but still didn't find it. I have these two simple files as slapd.conf and mytree.ldif and when I try to add something to mytree.ldif it keeps asking me for a password (which I believe is rootpw defined in slapd.conf) but it doesn't work. I really need help with this.
These are my files:
slapd.conf
database dbd
suffix "dc=ers,dc=uminho,dc=pt"
rootdn "cn=Manager,dc=ers,dc=uminho,dc=pt"
rootpw ersadmin
directory /usr/local/var/openldap-data
mytree.ldif
dn: dc=ers, dc=uminho, dc=pt
objectclass: dcObject
objectclass: organization
o: ERS
dc: ers
dn: cn=Manager,dc=ers,dc=uminho,dc=pt
objectclass: organizationalRole
cn: Manager
And this is what I'm trying to do and my response:
sudo ldapadd -x -D "cn=Manager,dc=ers,dc=uminho,dc=pt" -W -f /etc/ldap/mytree.ldif
Enter LDAP Password:
ldap_bind: Invalid credentials (49)
I already tried to encrypt the password using
slappasswd -h {SHA} -s ersadmin
and changing my slapd.conf file
password-hash {SHA}
rootpw {SHA}pLEBIPx4rW3eebpwACBGAZkNH4CVBRGW
but it didn't work. Thanks in advance.
This question may be better suited for http://serverfault.com.
It seems your problem is with the bind (authentication) phase, so you should test with ldapsearch and get that working before you try to modify the database. Try:
ldapsearch -x -D cn=Manager,dc=ers,dc=uminho,dc=pt -w ersadmin
Assuming this gives you the same error, check your OpenLDAP logfile (by default it logs to syslog, although this is system dependent). See if the connection even gets to the server and see why it is rejecting it. If the logfile doesn't give you enough information, enable more debug logging in slapd.conf (trace/acl).
If it's not even seeing the connection, you may be authenticating to some other server; this is usually configured in ${prefix}/etc/ldap.conf.
Also make sure your slapd is actually using your slapd.conf and not another configuration source (it may be using slapd.d or a slapd.conf in a different location).
In addition to the logfile, please also always specify which version of OpenLDAP you are using, as there are vast differences between 2.3 and 2.4 (and even between minor versions).
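An offline check that complements the bind test above (an added example, not code from the question or the answer): it compares a rootpw value from slapd.conf with the password being typed, for cleartext, {SHA} and {SSHA} values, and reports a value whose decoded length does not fit its scheme. The function name check_rootpw and the SAMPLE value are assumptions made for this example; QUESTION_ROOTPW is the value quoted in the question.

```python
import base64
import hashlib
import hmac

# Constructed sample: {SHA} of the string "password".
SAMPLE = "{SHA}W6ph5Mm5Pz8GgiULbPgzG37mj9g="
# rootpw value as quoted in the question above.
QUESTION_ROOTPW = "{SHA}pLEBIPx4rW3eebpwACBGAZkNH4CVBRGW"

SHA1_LEN = 20  # bytes in a SHA-1 digest


def check_rootpw(rootpw: str, candidate: str) -> str:
    """Return "match", "mismatch" or "malformed: <reason>"."""
    value = rootpw.strip()
    if not value.startswith("{"):
        # No scheme prefix: the value is compared as cleartext.
        same = hmac.compare_digest(value.encode(), candidate.encode())
        return "match" if same else "mismatch"
    scheme, sep, b64 = value[1:].partition("}")
    scheme = scheme.upper()
    if not sep or scheme not in ("SHA", "SSHA"):
        return "malformed: unsupported scheme"
    try:
        raw = base64.b64decode(b64, validate=True)
    except ValueError:
        return "malformed: not valid base64"
    # {SHA} is exactly the digest; {SSHA} is the digest followed by a salt.
    if (scheme == "SHA" and len(raw) != SHA1_LEN) or (
        scheme == "SSHA" and len(raw) <= SHA1_LEN
    ):
        return f"malformed: {len(raw)} bytes is the wrong length for {{{scheme}}}"
    digest, salt = raw[:SHA1_LEN], raw[SHA1_LEN:]
    expected = hashlib.sha1(candidate.encode() + salt).digest()
    return "match" if hmac.compare_digest(digest, expected) else "mismatch"


if __name__ == "__main__":
    print(check_rootpw(SAMPLE, "password"))
    print(check_rootpw(QUESTION_ROOTPW, "ersadmin"))
    print(check_rootpw("ersadmin", "ersadmin"))
```

A "malformed" result points at the stored value itself (wrong scheme label, truncated or altered string) rather than at the password typed at the prompt.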