Hi,
I am getting an error, ldap_bind: Invalid credentials (49),
when I add my LDIF file with the ldapadd -D "cn=Manager,dc=linuxcbt,dc=internal" -W -x -f build_root_ou.ldif command.
My LDIF file is:
#Build the root node
dn: dc=linuxcbt,dc=internal
dc: linuxcbt
objectClass: dcObject
objectClass: organizationalUnit
ou: LINUXCBTINTERNAL
My slapd.conf file is:
# See slapd.conf(5) for details on configuration options.
# This file should NOT be world readable.
include /etc/openldap/schema/core.schema
include /etc/openldap/schema/cosine.schema
include /etc/openldap/schema/inetorgperson.schema
include /etc/openldap/schema/rfc2307bis.schema
include /etc/openldap/schema/yast.schema
# Define global ACLs to disable default read access.
# Do not enable referrals until AFTER you have a working directory
# service AND an understanding of referrals.
#referral ldap://root.openldap.org
pidfile /var/run/slapd/slapd.pid
argsfile /var/run/slapd/slapd.args
# Load dynamic backend modules:
modulepath /usr/lib/openldap/modules
moduleload back_bdb.la
moduleload back_hdb.la
moduleload back_ldap.la
# Sample security restrictions
# Require integrity protection (prevent hijacking)
# Require 112-bit (3DES or better) encryption for updates
# Require 63-bit encryption for simple bind
security ssf=1 update_ssf=112 simple_bind=64
# Sample access control policy:
# Root DSE: allow anyone to read it
# Subschema (sub)entry DSE: allow anyone to read it
# Other DSEs:
# Allow self write access to user password
# Allow anonymous users to authenticate
# Allow read access to everything else
# Directives needed to implement policy:
access to dn.base=""
        by * read
access to dn.base="cn=Subschema"
        by * read
access to attrs=userPassword,userPKCS12
        by self write
        by * auth
access to attrs=shadowLastChange
        by self write
        by * read
access to *
        by * read
# if no access controls are present, the default policy
# allows anyone and everyone to read anything but restricts
# updates to rootdn. (e.g., "access to * by * read")
# rootdn can always read and write EVERYTHING!
#######################################################################
# BDB database definitions
#######################################################################
database bdb
suffix "dc=linuxcbt,dc=internal"
checkpoint 1024 5
cachesize 10000
rootdn "cn=Manager,dc=linuxcbt,dc=internal"
# Cleartext passwords, especially for the rootdn, should
# be avoided. See slappasswd(8) and slapd.conf(5) for details.
# Use of strong authentication encouraged.
#rootpw secret
#rootpw abc123
rootpw {SSHA}E4v1N3XQ9rI+T3THIwM7pJ+F3J6ZIJjO
#rootpw {SSHA}ZZtc2iNxcj4Y4RC+fAZuP162cojUOMMg
# The database directory MUST exist prior to running slapd AND
# should only be accessible by the slapd and slap tools.
# Mode 700 recommended.
directory /var/lib/ldap
# Indices to maintain
index objectClass eq
Please help me.