Openldap: getting error as ldap_bind: Invalid credentials (49)


 
# 1  
Old 10-28-2019

Hi,

We are setting up a Hadoop environment in Azure. We have Java 7 installed. Below are the steps I have completed; I am getting the error "ldap_bind: Invalid credentials (49)" while doing ldapsearch.
1. I have installed openldap-servers.x86_64 openldap-clients.x86_64 krb5-server-ldap.x86_64 cyrus-sasl cyrus-sasl-ldap
2.
Code:
sudo /bin/grep -q "^%cloudera-scm\ *ALL=NOPASSWD:.*slapd" /etc/sudoers || echo "%cloudera-scm ALL=NOPASSWD:/etc/init.d/slapd , /sbin/service slapd *" | sudo /usr/bin/tee -a /etc/sudoers > /dev/null

3. sudo chkconfig slapd on
4. service slapd start
5.
Code:
 [root@*********** openldap]# slappasswd
New password:
Re-enter new password:
{SSHA}teRNPA8jxcxAPArWAaVNIbh07N33x0WT

6.
Code:
 [root@******* ~]# cd /etc/openldap/
[root@******* openldap]# ls -ltr
total 12
-rw-r--r-- 1 root root  121 Dec 18  2018 check_password.conf
drwxr-xr-x 2 root root   90 Oct 20 01:14 certs
drwxr-xr-x 2 root root 4096 Oct 24 06:19 schema
drwxr-x--- 3 ldap ldap   45 Oct 24 06:19 slapd.d
-rw-r--r-- 1 root root  489 Oct 24 08:18 ldap.conf

7. Create the LDAP cn=Manager account in the initial DB and update the base DN of your LDAP base
Code:
[root@********* openldap]# cat ldapmanager.ldif
dn: olcDatabase={2}bdb,cn=config
changetype: modify
replace: olcSuffix
olcSuffix: dc=np,dc=bigdata,dc=eqh
-
replace: olcRootDN
olcRootDN: cn=Manager,dc=np,dc=bigdata,dc=eqh
-
add: olcRootPW
olcRootPW: {SSHA}teRNPA8jxcxAPArWAaVNIbh07N33x0WT==> same password setup earlier

8.
Code:
[root@****** openldap]# sudo ldapmodify -Y EXTERNAL -H ldapi:/// -f ldapmanager.ldif
SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
modifying entry "olcDatabase={2}bdb,cn=config"
ldap_modify: No such object (32)
        matched DN: cn=config

9.
Code:
 [root@******** openldap]# cat changemanageracl.ldif
dn: olcDatabase={0}config,cn=config
changetype: modify
delete: olcAccess
-
add: olcAccess
olcAccess: {0}to * by dn.base="gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth" manage by dn.base="cn=Manager,dc=np,dc=bigdata,dc=eqh" manage by * none

10.
Code:
 [root@******* openldap]# sudo ldapmodify -Y EXTERNAL -H ldapi:/// -f changemanageracl.ldif
SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
modifying entry "olcDatabase={0}config,cn=config"

11. We have added the below LDIF files
Code:
[root@******** cn=schema]# ls -ltrh
total 100K
-rw------- 1 ldap ldap  16K Oct 24 06:19 cn={0}core.ldif
-rw------- 1 ldap ldap 1.4K Oct 25 08:55 cn={1}corba.ldif
-rw------- 1 ldap ldap  12K Oct 25 08:55 cn={2}cosine.ldif
-rw------- 1 ldap ldap 4.5K Oct 25 08:56 cn={3}duaconf.ldif
-rw------- 1 ldap ldap 1.8K Oct 25 08:56 cn={4}dyngroup.ldif
-rw------- 1 ldap ldap 2.9K Oct 25 08:56 cn={5}inetorgperson.ldif
-rw------- 1 ldap ldap 2.7K Oct 25 08:57 cn={6}java.ldif
-rw------- 1 ldap ldap 1.6K Oct 25 08:58 cn={7}misc.ldif
-rw------- 1 ldap ldap 1.4K Oct 25 08:58 cn={8}openldap.ldif
-rw------- 1 ldap ldap 3.9K Oct 25 08:58 cn={9}ppolicy.ldif
-rw------- 1 ldap ldap 1.6K Oct 25 08:59 cn={10}collective.ldif
-rw------- 1 ldap ldap  11K Oct 25 08:59 cn={11}kerberos.ldif
-rw------- 1 ldap ldap 6.5K Oct 27 22:17 org-cn={12}nis.ldif-org
-r--r--r-- 1 root root 9.5K Oct 27 23:05 cn={12}rfc2307bis.ldif

12.
Code:
 [root@****** cn=schema]# service slapd restart ==> started successfully

13.
Code:
 [root@lvmbgmnp1008 ~]# ldapsearch -x -D "cn=Manager,dc=np,dc=bigdata,dc=eqh" -W -H ldapi://  -b dc=np,dc=bigdata,dc=eqh
Enter LDAP Password:
ldap_bind: Invalid credentials (49)

14.
Code:
[root@lvmbgmnp1008 openldap]# cat ldap.conf
#
# LDAP Defaults
#

# See ldap.conf(5) for details
# This file should be world readable but not world writable.

URI ldap://lvmbgmnp1008.np.bigdata.eqh
BASE    dc=np,dc=bigdata,dc=eqh
#URI     ldaps://localhost
#BINDDN cn=manager,dc=bigdata,dc=eqh
#TLS_CACERTDIR /etc/openldap/cacerts
TLS_REQCERT demand

#SIZELIMIT      12
#TIMELIMIT      15
#DEREF          never

#TLS_CACERTDIR  /etc/pki/tls/certs

# Turning this off breaks GSSAPI used with krb5 when rdns = false
#SASL_NOCANON   on


Last edited by vbe; 10-28-2019 at 05:41 PM.. Reason: code tags please
# 2  
Old 10-28-2019
Please post the exact command you ran and the error message you saw.

Thanks.
# 3  
Old 10-28-2019
Hi Neo,
Whatever password I set up with slappasswd, I have given the same password for olcRootPW in ldapmanager.ldif. But when I was trying to add the LDAP base, it asked for the LDAP password, and when I tried to give the same password it was not accepted. Please find the details below.

Code:
[root@******** openldap]# ldapadd -x -D "cn=Manager,dc=np,dc=bigdata,dc=eqh" -W -H ldapi:// -f ldapbase.ldif
Enter LDAP Password:
ldap_bind: Invalid credentials (49)

[root@******** openldap]# cat ldapbase.ldif
dn: dc=np,dc=bigdata,dc=eqh
changetype: add
objectClass: dcObject
objectClass: organization
dc: bigdata
o: bigdata

dn: ou=Services,dc=np,dc=bigdata,dc=eqh
objectClass: organizationalUnit
ou: Services

dn: uid=cloudera-service,ou=Services,dc=np,dc=bigdata,dc=eqh
objectClass: inetOrgPerson
objectClass: organizationalPerson
objectClass: person
objectClass: top
cn: Cloudera service account
sn: Cloudera service account
uid: cloudera-service
userPassword: Y2xvdWRlcmE=

dn: ou=Kerberos,dc=np,dc=bigdata,dc=eqh
changetype: add
objectClass: organizationalRole
objectClass: top
cn: Kerberos Realms
ou: Kerberos

dn: cn=kdc-service,ou=Services,dc=np,dc=bigdata,dc=eqh
objectClass: inetOrgPerson
objectClass: organizationalPerson
objectClass: person
objectClass: top
cn: kdc-service
sn: KDC Service
userPassword: {SSHA}twkthDCFWL/KNzcIWpxb6OjLlw6+RoVI

dn: cn=adm-service,ou=Services,dc=np,dc=bigdata,dc=eqh
objectClass: inetOrgPerson
objectClass: organizationalPerson
objectClass: person
objectClass: top
cn: adm-service
sn: KDC Adm Service
userPassword: {SSHA}twkthDCFWL/KNzcIWpxb6OjLlw6+RoVI

dn: ou=Users,dc=np,dc=bigdata,dc=eqh
objectClass: organizationalUnit
ou: Users

ldapsearch is also not working; getting the same error
**********************************************************************
[root@******** ~]# ldapsearch -x -D "cn=Manager,dc=np,dc=bigdata,dc=eqh" -W -H ldapi://  -b dc=np,dc=bigdata,dc=eqh
Enter LDAP Password:
ldap_bind: Invalid credentials (49)


Last edited by Neo; 10-28-2019 at 11:50 PM.. Reason: Code Tags Please See YT Video on this: https://youtu.be/4BuPvWJV__k
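
Step 8 in the first post shows `ldapmodify` returning `No such object (32)` with `matched DN: cn=config`: no entry named `olcDatabase={2}bdb,cn=config` exists, so the olcSuffix, olcRootDN and olcRootPW changes in ldapmanager.ldif were not applied to it. The following is an added example, not part of the thread, that checks which database entry in `cn=config` serves a suffix and whether its rootDN and rootPW are set. The function name `check_rootdn`, the sample LDIF and the `hdb` backend name in it are constructed assumptions, not output from the poster's system.

```shell
#!/bin/sh
# Added example. Feed it the LDIF printed by (run as root on the slapd host):
#   ldapsearch -LLL -o ldif-wrap=no -Y EXTERNAL -H ldapi:/// -b cn=config \
#     '(olcDatabase=*)' olcSuffix olcRootDN olcRootPW
# Usage: check_rootdn <suffix> <rootdn> < config.ldif
check_rootdn() {
    awk -v suffix="$1" -v rootdn="$2" '
        # Called at each entry boundary: judge the entry just read, then reset.
        function report() {
            if (dn != "" && tolower(sfx) == tolower(suffix)) {
                found = 1
                if (tolower(rdn) != tolower(rootdn)) {
                    printf "MISMATCH %s olcRootDN=%s\n", dn, (rdn == "" ? "(unset)" : rdn)
                } else if (!pw) {
                    printf "NOPW %s\n", dn      # no rootPW stored to bind against
                } else {
                    printf "OK %s\n", dn
                }
            }
            dn = sfx = rdn = ""; pw = 0
        }
        /^dn: /        { report(); dn = substr($0, 5) }
        /^olcSuffix: / { sfx = substr($0, 12) }
        /^olcRootDN: / { rdn = substr($0, 12) }
        /^olcRootPW:/  { pw = 1 }               # matches "olcRootPW:" and "olcRootPW::"
        END { report(); if (!found) printf "NOSUFFIX %s\n", suffix }
    '
}

# Constructed sample: a cn=config whose database still has placeholder values.
sample_config() {
    cat <<'EOF'
dn: olcDatabase={0}config,cn=config

dn: olcDatabase={1}monitor,cn=config

dn: olcDatabase={2}hdb,cn=config
olcSuffix: dc=my-domain,dc=com
olcRootDN: cn=Manager,dc=my-domain,dc=com
EOF
}

# Prints: NOSUFFIX dc=np,dc=bigdata,dc=eqh
sample_config | check_rootdn "dc=np,dc=bigdata,dc=eqh" "cn=Manager,dc=np,dc=bigdata,dc=eqh"
```

A `NOSUFFIX`, `MISMATCH` or `NOPW` result means the modify has to be aimed at the entry DN that the search actually lists before a simple bind as that rootDN can succeed.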