信息:
我安装了ldap-utils,slapd在安装 slapd 时,ncurses我使用对话框输入了管理员密码。
然后我通过以下方式更改了密码
ldapmodify -Q -Y EXTERNAL -H ldapi:/// << E0F
dn: olcDatabase={1}mdb,cn=config
changetype: modify
replace: olcRootPW
olcRootPW: {SSHA}qUoTRPwppaedqHQTgYOPYWokr3SiXjbK
E0F
但ldapadd -x -D "cn=admin,dc=example,dc=com" -W -f ./users.ldif我收到以下消息:
Enter LDAP Password:
ldap_bind: Invalid credentials (49)
顺便说一句,我没有slapd.conf。
如何通过 ldap 程序进行身份验证?
更新:
root@debian:~# cat /etc/ldap/slapd.d/cn\=config/olcDatabase\=\{1\}mdb.ldif
# AUTO-GENERATED FILE - DO NOT EDIT!! Use ldapmodify.
# CRC32 73bfb3a8
dn: olcDatabase={1}mdb
objectClass: olcDatabaseConfig
objectClass: olcMdbConfig
olcDatabase: {1}mdb
olcDbDirectory: /var/lib/ldap
olcSuffix: dc=nodomain
olcAccess: {0}to attrs=userPassword by self write by anonymous auth by * none
olcAccess: {1}to attrs=shadowLastChange by self write by * read
olcAccess: {2}to * by * read
olcLastMod: TRUE
olcRootDN: cn=admin,dc=nodomain
olcDbCheckpoint: 512 30
olcDbIndex: objectClass eq
olcDbIndex: cn,uid eq
olcDbIndex: uidNumber,gidNumber eq
olcDbIndex: member,memberUid eq
olcDbMaxSize: 1073741824
structuralObjectClass: olcMdbConfig
entryUUID: 10bd0d0a-82d1-103f-92a4-058be6d2a441
creatorsName: cn=admin,cn=config
createTimestamp: 20250219054944Z
olcRootPW:: MTIzMTIzMTIz
entryCSN: 20250219060430.002303Z#000000#000#000000
modifiersName: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
modifyTimestamp: 20250219060430Z
您必须指定正确的 DN 来向 LDAP 服务器进行身份验证,在这种情况下,您必须更改
dc=example,dc=com为dc=nodomain。