Created on 05-12-2014 02:17 AM - edited 09-16-2022 01:58 AM
Hello, I am having trouble connecting to Cloudera Manager with a user from LDAP.
I configured an LDAP server on the local machine, so the URI in Cloudera Manager is ldap://localhost/dc=example,dc=com
My ACL should allow anonymous auth:
access to attrs="userPassword"
    by anonymous auth
    by self write
    by * none
access to *
    by dn="uid=admin,dc=example,dc=com" write
    by self write
    by users read
    by anonymous auth
When I do a search manually I can find the user:
[root@evl2400469 openldap]# ldapsearch -x -L -b "ou=people,dc=example,dc=com" -s sub -H ldap://localhost
version: 1
#
# LDAPv3
# base <ou=people,dc=example,dc=com> with scope subtree
# filter: (objectclass=*)
# requesting: ALL
#
# people, example.com
dn: ou=people,dc=example,dc=com
objectClass: organizationalUnit
ou: people
# toto1, people, example.com
dn: uid=toto1,ou=people,dc=example,dc=com
objectClass: inetOrgPerson
uid: toto1
givenName: Toto1
sn: tt1
cn: Toto1
o: Example
title: System Administrator
userPassword:: e1NTSEF9T0xKaFNiaG9xOUlJTFY1YU9vQ0JzZVp3MDlUaTB1Rmgg
# search result
# numResponses: 3
# numEntries: 2
I am using this pattern:
uid={0},ou=people,dc=example,dc=com
I tried with and without LDAP Bind User Distinguished Name and LDAP Bind Password also.
But it seems it can't find it:
It says: "user name or password not valid"
I am trying to connect with:
dn: uid=toto1,ou=people,dc=example,dc=com
objectClass: inetOrgPerson
uid: toto1
givenName: Toto1
sn: tt1
cn: Toto1
userPassword: {SSHA}OLJhSbhoq9IILV5aOoCBseZw09Ti0uFh
o: Example
I use "toto1" as username and "password" as password (I used slappasswd -h {SSHA} -s "password" to generate the password).
I really don't see where the problem is.
Can you help me? Thanks.
Regards, Kevin.
Here are some logs from the LDAP server:
May 12 15:38:39 evl2400469 slapd[14256]: conn=14 fd=11 ACCEPT from IP=127.0.0.1:33908 (IP=0.0.0.0:389)
May 12 15:38:39 evl2400469 slapd[14256]: conn=14 op=0 BIND dn="cn=admin,dc=example,dc=com" method=128
May 12 15:38:39 evl2400469 slapd[14256]: conn=14 op=0 BIND dn="cn=admin,dc=example,dc=com" mech=SIMPLE ssf=0
May 12 15:38:39 evl2400469 slapd[14256]: conn=14 op=0 RESULT tag=97 err=0 text=
May 12 15:38:39 evl2400469 slapd[14256]: conn=14 op=1 SRCH base="" scope=2 deref=3 filter="(member=uid=toto1,ou=people,dc=example,dc=com)"
May 12 15:38:39 evl2400469 slapd[14256]: conn=14 op=1 SRCH attr=cn objectClass javaSerializedData javaClassName javaFactory javaCodeBase javaReferenceAddress javaClassNames javaRemoteLocation
May 12 15:38:39 evl2400469 slapd[14256]: conn=14 op=1 SEARCH RESULT tag=101 err=32 nentries=0 text=
May 12 15:41:15 evl2400469 slapd[14256]: conn=15 fd=12 ACCEPT from IP=127.0.0.1:34083 (IP=0.0.0.0:389)
May 12 15:41:15 evl2400469 slapd[14256]: conn=15 op=0 BIND dn="uid=toto1,ou=people,dc=example,dc=com" method=128
May 12 15:41:15 evl2400469 slapd[14256]: conn=15 op=0 BIND dn="uid=toto1,ou=people,dc=example,dc=com" mech=SIMPLE ssf=0
May 12 15:41:15 evl2400469 slapd[14256]: conn=15 op=0 RESULT tag=97 err=0 text=
May 12 15:41:15 evl2400469 slapd[14256]: conn=15 op=1 SRCH base="uid=toto1,ou=people,dc=example,dc=com" scope=0 deref=3 filter="(objectClass=*)"
May 12 15:41:15 evl2400469 slapd[14256]: conn=15 op=1 SEARCH RESULT tag=101 err=0 nentries=1 text=
May 12 15:41:15 evl2400469 slapd[14256]: conn=15 op=2 UNBIND
May 12 15:41:15 evl2400469 slapd[14256]: conn=15 fd=12 closed
May 12 15:41:15 evl2400469 slapd[14256]: conn=14 op=2 SRCH base="" scope=2 deref=3 filter="(member=uid=toto1,ou=people,dc=example,dc=com)"
May 12 15:41:15 evl2400469 slapd[14256]: conn=14 op=2 SRCH attr=cn objectClass javaSerializedData javaClassName javaFactory javaCodeBase javaReferenceAddress javaClassNames javaRemoteLocation
May 12 15:41:15 evl2400469 slapd[14256]: conn=14 op=2 SEARCH RESULT tag=101 err=32 nentries=0 text=
Created 05-14-2014 01:04 AM
It seems that the base pattern is mandatory! Even if it is not specified in the documentation 🙂
So I added the base pattern "dc=example,dc=com" and it worked.
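An added diagnostic example (not part of the original thread, and not Cloudera or OpenLDAP code): it pairs each SRCH line in a slapd log with its SEARCH RESULT by connection and operation number and reports the searches that failed, marking the base="" with err=32 (noSuchObject) combination visible in the log above, which is consistent with the missing search base that the answer fixed. The function name and the embedded sample lines are constructed for illustration.

```python
import re

# Constructed sample: lines in the shape of the slapd log from the post (attr line shortened).
SAMPLE_LOG = """\
May 12 15:41:15 evl2400469 slapd[14256]: conn=15 op=1 SRCH base="uid=toto1,ou=people,dc=example,dc=com" scope=0 deref=3 filter="(objectClass=*)"
May 12 15:41:15 evl2400469 slapd[14256]: conn=15 op=1 SEARCH RESULT tag=101 err=0 nentries=1 text=
May 12 15:41:15 evl2400469 slapd[14256]: conn=14 op=2 SRCH base="" scope=2 deref=3 filter="(member=uid=toto1,ou=people,dc=example,dc=com)"
May 12 15:41:15 evl2400469 slapd[14256]: conn=14 op=2 SRCH attr=cn objectClass
May 12 15:41:15 evl2400469 slapd[14256]: conn=14 op=2 SEARCH RESULT tag=101 err=32 nentries=0 text=
"""

OP = re.compile(r"conn=(\d+) op=(\d+) (.*)$")
SRCH = re.compile(r'SRCH base="([^"]*)" scope=(\d+) deref=\d+ filter="(.*)"$')
RESULT = re.compile(r"SEARCH RESULT tag=\d+ err=(\d+) nentries=(\d+)")
NO_SUCH_OBJECT = 32  # LDAP result code noSuchObject


def failed_searches(log_text):
    """Pair each SRCH with its SEARCH RESULT by (conn, op); return the failed ones."""
    pending, findings = {}, []
    for line in log_text.splitlines():
        m = OP.search(line)
        if not m:
            continue  # ACCEPT / closed lines carry no op number
        key, rest = (int(m.group(1)), int(m.group(2))), m.group(3)
        s = SRCH.match(rest)
        if s:
            pending[key] = {"base": s.group(1), "scope": int(s.group(2)),
                            "filter": s.group(3)}
            continue
        r = RESULT.match(rest)
        if r and key in pending:
            req = pending.pop(key)
            err = int(r.group(1))
            if err != 0:
                # An empty base with noSuchObject points at a client search base that was never set.
                req.update(conn=key[0], op=key[1], err=err,
                           empty_base=(req["base"] == "" and err == NO_SUCH_OBJECT))
                findings.append(req)
    return findings


if __name__ == "__main__":
    for f in failed_searches(SAMPLE_LOG):
        hint = "  <- search base not set on the client?" if f["empty_base"] else ""
        print(f'conn={f["conn"]} op={f["op"]} err={f["err"]} '
              f'base="{f["base"]}" filter={f["filter"]}{hint}')
```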