Ubuntu 10.04 (Lucid) OpenLDAP invalid credentials issue
- by gmuller
This won't be a question, but a solution to an infuriating problem on Ubuntu 10.04.
If you tried to deploy an LDAP server using this distro following the tutorials below, you'll be in serious trouble.
Tutorials:
https://help.ubuntu.com/9.10/serverguide/C/openldap-server.html
https://help.ubuntu.com/9.10/serverguide/C/samba-ldap.html
The error first appears on the line:
"ldapsearch -xLLL -b cn=config -D cn=admin,cn=config -W olcDatabase=hdb olcAccess"
It simply won't allow admin to access the "cn=config", thus you won't be able to deploy the LDAP server correctly.
After almost a week searching for a solution, I've found this page:
https://bugs.launchpad.net/ubuntu-docs/+bug/333733
In comment #5, the solution is presented. Quoting the author:
when you get to the setting up ACL part you all of a sudden need to use a cn=admin,cn=config, that doesn't exist
creating a config.ldif with
dn: olcDatabase={0}config,cn=config
changetype: modify
add: olcRootDN
olcRootDN: cn=admin,cn=config

dn: olcDatabase={0}config,cn=config
changetype: modify
add: olcRootPW
olcRootPW: secret

dn: olcDatabase={0}config,cn=config
changetype: modify
delete: olcAccess
and adding it with
ldapadd -Y EXTERNAL -H ldapi:/// -f config.ldif
It's unacceptable that a Linux distribution as popular as Ubuntu has such a ridiculous bug.
Hope it helps everyone!
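Added example, not part of the original post or the quoted Launchpad comment: the quoted config.ldif stores olcRootPW as the plaintext word "secret", so this Python code builds the same three LDIF records with a salted {SSHA} value instead (the scheme slappasswd produces by default) and writes the file readable only by its owner. The function names and the output path are assumptions chosen for illustration.

```python
import base64
import hashlib
import hmac
import os

CONFIG_DN = "olcDatabase={0}config,cn=config"  # DN taken from the quoted LDIF

def ssha_hash(password, salt=None):
    """Return '{SSHA}' + base64(SHA1(password + salt) + salt)."""
    salt = os.urandom(8) if salt is None else salt
    digest = hashlib.sha1(password.encode("utf-8") + salt).digest()
    return "{SSHA}" + base64.b64encode(digest + salt).decode("ascii")

def verify_ssha(password, stored):
    """Check a password against a stored {SSHA} value."""
    if not stored.startswith("{SSHA}"):
        return False
    raw = base64.b64decode(stored[len("{SSHA}"):])
    digest, salt = raw[:20], raw[20:]  # SHA-1 digest is 20 bytes, rest is salt
    candidate = hashlib.sha1(password.encode("utf-8") + salt).digest()
    return hmac.compare_digest(candidate, digest)

def build_config_ldif(root_dn, hashed_pw):
    """Emit the three modify records from the post, blank-line separated."""
    changes = [
        ("add", "olcRootDN", root_dn),
        ("add", "olcRootPW", hashed_pw),
        ("delete", "olcAccess", None),
    ]
    records = []
    for op, attr, value in changes:
        lines = ["dn: " + CONFIG_DN, "changetype: modify", op + ": " + attr]
        if value is not None:
            lines.append(attr + ": " + value)
        records.append("\n".join(lines))
    return "\n\n".join(records) + "\n"

def write_private(path, text):
    """Write the LDIF with mode 0600 so the hash is not world-readable."""
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)
    os.fchmod(fd, 0o600)  # also tighten a pre-existing file
    with os.fdopen(fd, "w") as fh:
        fh.write(text)

if __name__ == "__main__":
    import getpass
    hashed = ssha_hash(getpass.getpass("Password for cn=admin,cn=config: "))
    write_private("config.ldif", build_config_ldif("cn=admin,cn=config", hashed))
```

The resulting config.ldif is loaded with the same ldapadd command quoted in the post.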