Discussion:
[Jxplorer-users] Invalid credentials with user DN
Santosh M
2011-01-06 09:45:49 UTC
Permalink
HI,
I am using jexplorer to connect to the Openldap.
Here is what i have done, in order to connect to the openldap:
I selected "user+password" in the "level"
In the user DN, i entered "cn=admin,dc=myadm,dc=local"
In the password, i entered the password and clicked on connect.
I am successfully able to connect.

Now, in the ldap server, i have added a new user called "sample" and here is
the user DN for the same - "cn=sample,dc=myadm,dc=local" and i have
set the password for the user using userpassword attribute.
However, when i enter the user DN - "cn=sample,dc=myadm,dc=local" along with
the password, i am not able to login.
I get a exception saying "invalid credentials"


on the contrary, on a WIndows Active directory, i added a user called
"sample" and set the password and used the username/password in the
jexplorer to connect tot he AD, and i am successfully able to connect
without much hassle.
How different is it when we use Windows AD than OpenLdap.


Please can some one help me what i am missing.
--
Warm Regards,
Santosh
Douglas E. Engert
2011-01-06 15:40:35 UTC
Permalink
Post by Santosh M
HI,
I am using jexplorer to connect to the Openldap.
I selected "user+password" in the "level"
In the user DN, i entered "cn=admin,dc=myadm,dc=local"
In the password, i entered the password and clicked on connect.
I am successfully able to connect.
Now, in the ldap server, i have added a new user called "sample" and here is the user DN for the same - "cn=sample,dc=myadm,dc=local" and i have
set the password for the user using userpassword attribute.
However, when i enter the user DN - "cn=sample,dc=myadm,dc=local" along with the password, i am not able to login.
I get a exception saying "invalid credentials"
Can you use the the OpenLDAP commands to query using the cn=sample,dc-myadm,dc=local?

If not, this may be an issue with the OpenLDAP server slapd.conf.
Check the access rules, including groups, as to who can login and what
they can do.

It might also be how you set the userPassword. It may be base64 encoded,
and may require a prefix to indicate how the password is encoded,
for example:
{SASL}***@REALM
could be used if SASL to some other system like AD is used to check passwrod.

Or:
{crypt}NP
in base64 this is: e2NyeXB0fU5QCg

if the password is to be treated as run with crypt, where NP means no
password matches, i.e. use something other the LDAP for authentication
like Kerberos.
Post by Santosh M
on the contrary, on a WIndows Active directory, i added a user called "sample" and set the password and used the username/password in the jexplorer to connect tot he AD, and i am successfully able to
connect without much hassle.
How different is it when we use Windows AD than OpenLdap.
Please can some one help me what i am missing.
--
Warm Regards,
Santosh
------------------------------------------------------------------------------
Learn how Oracle Real Application Clusters (RAC) One Node allows customers
to consolidate database storage, standardize their database environment, and,
should the need arise, upgrade to a full multi-node Oracle RAC database
without downtime or disruption
http://p.sf.net/sfu/oracle-sfdevnl
_______________________________________________
Jxplorer-users mailing list
https://lists.sourceforge.net/lists/listinfo/jxplorer-users
--
Douglas E. Engert <***@anl.gov>
Argonne National Laboratory
9700 South Cass Avenue
Argonne, Illinois 60439
(630) 252-5444
Santosh M
2011-01-07 12:23:38 UTC
Permalink
Thanks.
Here the real problem is when i create a new user on ldap server and use
that to try to connect using jexplorer.

As i said earlier, i am successfully able to connect to the LDAP server
using the "admin" user as in the DN - "cn=admin,dc=myadm,dc=local"
But, when i create a new user inside admin, say "simple", then when u use
the base DN - cn=simple,cn=admin,dc=myadm,dc=local then i face problem in
connecting with the error "invalid credentials"

My query is - why is the admin user able to login with the user DN but not
any newly added user.
Also, i am using Ubuntu 10.10 where fortunately or unfortunately the
slapd.conf is deprecated.
so i cant list the slapd.conf file :(

Thanks.
Post by Santosh M
Post by Santosh M
HI,
I am using jexplorer to connect to the Openldap.
I selected "user+password" in the "level"
In the user DN, i entered "cn=admin,dc=myadm,dc=local"
In the password, i entered the password and clicked on connect.
I am successfully able to connect.
Now, in the ldap server, i have added a new user called "sample" and here
is the user DN for the same - "cn=sample,dc=myadm,dc=local" and i have
Post by Santosh M
set the password for the user using userpassword attribute.
However, when i enter the user DN - "cn=sample,dc=myadm,dc=local" along
with the password, i am not able to login.
Post by Santosh M
I get a exception saying "invalid credentials"
Can you use the the OpenLDAP commands to query using the
cn=sample,dc-myadm,dc=local?
If not, this may be an issue with the OpenLDAP server slapd.conf.
Check the access rules, including groups, as to who can login and what
they can do.
It might also be how you set the userPassword. It may be base64 encoded,
and may require a prefix to indicate how the password is encoded,
could be used if SASL to some other system like AD is used to check passwrod.
{crypt}NP
in base64 this is: e2NyeXB0fU5QCg
if the password is to be treated as run with crypt, where NP means no
password matches, i.e. use something other the LDAP for authentication
like Kerberos.
Post by Santosh M
on the contrary, on a WIndows Active directory, i added a user called
"sample" and set the password and used the username/password in the
jexplorer to connect tot he AD, and i am successfully able to
Post by Santosh M
connect without much hassle.
How different is it when we use Windows AD than OpenLdap.
Please can some one help me what i am missing.
--
Warm Regards,
Santosh
------------------------------------------------------------------------------
Post by Santosh M
Learn how Oracle Real Application Clusters (RAC) One Node allows
customers
Post by Santosh M
to consolidate database storage, standardize their database environment,
and,
Post by Santosh M
should the need arise, upgrade to a full multi-node Oracle RAC database
without downtime or disruption
http://p.sf.net/sfu/oracle-sfdevnl
_______________________________________________
Jxplorer-users mailing list
https://lists.sourceforge.net/lists/listinfo/jxplorer-users
--
Argonne National Laboratory
9700 South Cass Avenue
Argonne, Illinois 60439
(630) 252-5444
------------------------------------------------------------------------------
Learn how Oracle Real Application Clusters (RAC) One Node allows customers
to consolidate database storage, standardize their database environment, and,
should the need arise, upgrade to a full multi-node Oracle RAC database
without downtime or disruption
http://p.sf.net/sfu/oracle-sfdevnl
_______________________________________________
Jxplorer-users mailing list
https://lists.sourceforge.net/lists/listinfo/jxplorer-users
--
Warm Regards,
Santosh
Loading...