Ldap Authentication issue: ldap_bind: Invalid credentials (49)

Expert Contributor

Hello,

I am trying to add a new user to LDAP.

The following is my user.ldif file for the new user:

user.ldif

dn: uid=abc,ou=users,dc=hadoop,dc=com
objectClass: top 
objectClass: account 
objectClass: posixAccount 
objectClass: shadowAccount
cn: abc
uid: abc
uidNumber: 550
gidNumber: 505 
homeDirectory: /home/abc
loginShell: /bin/bash 
gecos: abc
userPassword: {cryst}x
shadowLastChange: 0
shadowMax: 0 
shadowWarning: 0

When I execute the following command, it asks for the LDAP password:

ldapadd -x -W -D "cn=abc,dc=hadoop,dc=com" -f user.ldif

and when I enter the password, it throws the error: ldap_bind: Invalid credentials (49)

The command below also asks for the LDAP password, and when I enter the password it works fine.

ldapsearch -D cn="Manager,dc=hadoop,dc=com" -W -b "dc=hadoop,dc=com" objectClass=* 

It only throws the error when I execute the ldapadd command to create a new user.

Thanks.

7 REPLIES

Expert Contributor
@heta desai

Can you please check whether ldapsearch works with the same user you are trying to connect as and the same OU?

Thanks

Venkat

Expert Contributor

Solved the authentication issue with the following change in the ldapadd command:

ldapadd -x -W -D "cn=Manager,dc=hadoop,dc=com" -f user1.ldif

Expert Contributor
@Venkata Sudheer Kumar M

After the change in the ldapadd command as mentioned in my reply, I am getting the following error:

ldap_add: Object class violation (65)
        additional info: no objectClass attribute

Expert Contributor
@heta desai

This is what we use for add.ldif:

dn: CN=<username>,OU=prod1,OU=Hadoop,OU=Users,OU=UK,DC=global,DC=org
changetype: add
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: user
distinguishedName: CN=<username>,OU=prod1,OU=Hadoop,OU=Users,OU=UK,DC=global,DC=org
cn: <username>
userAccountControl: 514
unicodePwd::IgBTAHQAYQBnAGkAbgBnAEAAMgAwADEANwAiAA==
accountExpires: 0
userPrincipalName: <username>@GLOBAL.ORG

This works for us. Please check your DNs, OUs and the corresponding objectClass to be specified; these are entirely environment dependent.

Thanks

Venkat

Expert Contributor

@Venkata

Are all the attributes compulsory? I do not have values for OU, userAccountControl, unicodePwd.

Expert Contributor

@Venkata

I am getting the error:

ldap_add: No such object (32)
        matched DN: dc=hadoop,dc=com

Expert Contributor

@heta desai

You can use the parameters based on your environment, and here are the details about LDAP error codes.

Thanks

Venkat
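
The two ldap_add failures reported in this thread, result codes 65 and 32, can be checked for before running ldapadd. The following Python pre-flight is an added example, not code from any poster: it parses an LDIF and predicts code 65 (a record with no objectClass attribute) and code 32 (parent entry missing, with the matched DN a server reports as the deepest existing ancestor). The function names, the sample LDIF and the list of existing DNs are assumptions; in practice the list would come from an ldapsearch against the directory.

```python
import base64

def norm(dn):
    # Simplified DN normalisation (assumption: no escaped commas in RDN values).
    return ",".join(rdn.strip().lower() for rdn in dn.split(","))

def parse_ldif(text):
    """Return [(dn, attrs)] per record; handles folded lines, comments, base64."""
    records, lines = [], []
    for raw in text.splitlines() + [""]:
        if raw.startswith(" ") and lines:      # folded line continues the previous one
            lines[-1] += raw[1:]
        elif raw.strip() and not raw.startswith("#"):
            lines.append(raw)
        elif not raw.strip() and lines:        # blank line terminates the record
            records.append(lines)
            lines = []
    out = []
    for rec in records:
        attrs = {}
        for line in rec:
            name, _, value = line.partition(":")
            if value.startswith(":"):          # "attr:: <base64>"
                value = base64.b64decode(value[1:]).decode("utf-8", "replace")
            attrs.setdefault(name.strip().lower(), []).append(value.strip())
        if "dn" in attrs:                      # blocks without a dn are not entries
            out.append((norm(attrs.pop("dn")[0]), attrs))
    return out

def preflight(ldif_text, existing_dns):
    """Predict (dn, result_code, detail) findings for each entry to be added."""
    known, findings = {norm(d) for d in existing_dns}, []
    for dn, attrs in parse_ldif(ldif_text):
        issues = []
        if "objectclass" not in attrs:
            issues.append((dn, 65, "no objectClass attribute"))
        matched = parent = dn.partition(",")[2]
        while matched and matched not in known:   # climb to deepest existing ancestor
            matched = matched.partition(",")[2]
        if matched != parent:
            issues.append((dn, 32, "matched DN: " + matched))
        if not issues:
            known.add(dn)                      # later entries may sit under this one
        findings += issues
    return findings

# Constructed sample: record 1 is cut by a stray blank line, record 2 lacks its parent OU.
SAMPLE = ("dn: uid=abc,dc=hadoop,dc=com\n\nobjectClass: account\n\n"
          "dn: uid=abc,ou=users,dc=hadoop,dc=com\nobjectClass: account\n")
```

Calling preflight(SAMPLE, ["dc=hadoop,dc=com"]) models a directory that holds only the suffix entry, so the second record is flagged with the same matched DN shown in the thread.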