I try to follow this guide to create SSO solution with OpenLDAP and Keycloak. I'm trying to add the readonly user. It should be the same LDIFs as here
I apply those LDIFs for the readonly user but I get
$ ldapsearch -x -H ldap://localhost:1389 -b "dc=muellerpublic,dc=de" -D "cn=readonly,dc=muellerpublic,dc=de" "+" -w xxx Handling connection for 1389 ldap_bind: Invalid credentials (49) Here are the users/groups:
$ ldapsearch -x -H ldap://localhost:1389 -b "dc=muellerpublic,dc=de" -D "cn=admin,dc=muellerpublic,dc=de" "+" -w xxx Handling connection for 1389 # extended LDIF # # LDAPv3 # base <dc=muellerpublic,dc=de> with scope subtree # filter: (objectclass=*) # requesting: + # # muellerpublic.de dn: dc=muellerpublic,dc=de structuralObjectClass: organization entryUUID: ce600638-0d8f-103c-8fb1-1558d46de393 creatorsName: cn=admin,dc=muellerpublic,dc=de createTimestamp: 20220119162257Z entryCSN: 20220119162257.152328Z#000000#000#000000 modifiersName: cn=admin,dc=muellerpublic,dc=de modifyTimestamp: 20220119162257Z entryDN: dc=muellerpublic,dc=de subschemaSubentry: cn=Subschema hasSubordinates: TRUE # users, muellerpublic.de dn: ou=users,dc=muellerpublic,dc=de structuralObjectClass: organizationalUnit entryUUID: ce601dc6-0d8f-103c-8fb2-1558d46de393 creatorsName: cn=admin,dc=muellerpublic,dc=de createTimestamp: 20220119162257Z entryCSN: 20220119162257.152933Z#000000#000#000000 modifiersName: cn=admin,dc=muellerpublic,dc=de modifyTimestamp: 20220119162257Z entryDN: ou=users,dc=muellerpublic,dc=de subschemaSubentry: cn=Subschema hasSubordinates: FALSE # readonly, muellerpublic.de dn: cn=readonly,dc=muellerpublic,dc=de structuralObjectClass: organizationalRole entryUUID: ce60b6a0-0d8f-103c-8fb3-1558d46de393 creatorsName: cn=admin,dc=muellerpublic,dc=de createTimestamp: 20220119162257Z entryCSN: 20220119162257.156845Z#000000#000#000000 modifiersName: cn=admin,dc=muellerpublic,dc=de modifyTimestamp: 20220119162257Z entryDN: cn=readonly,dc=muellerpublic,dc=de subschemaSubentry: cn=Subschema hasSubordinates: FALSE Here are the LDIFs created:
20-readonly-user.ldif: | # Paths dn: cn=readonly,dc=muellerpublic,dc=de changetype: add cn: readonly objectClass: simpleSecurityObject objectClass: organizationalRole userPassword: {SSHA}5Y0mPhzRCYDBRltdvF6hp+m0DWgPTdjD description: LDAP read only user 21-readonly-user-acl.config.ldif: | dn: olcDatabase={2}mdb,cn=config changetype: modify replace: olcAccess olcAccess: to * by dn.exact=gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth manage by * break olcAccess: to attrs=userPassword,shadowLastChange by self write by dn="cn=admin,dc=muellerpublic,dc=de" write by anonymous auth by * none olcAccess: to * by self read by dn="cn=admin,dc=muellerpublic,dc=de" write by dn="cn=readonly,dc=muellerpublic,dc=de" read by * none 1Related questions 4 OpenLDAP configuration error ldap_bind: Invalid credentials (49) 4 ldap_bind: Invalid credentials (49) again 7 OpenLdap (Centos 5.9): Invalid credentials (49) Related questions 4 OpenLDAP configuration error ldap_bind: Invalid credentials (49) 4 ldap_bind: Invalid credentials (49) again 7 OpenLdap (Centos 5.9): Invalid credentials (49) 1 openldap, I can't add user, invalid DN 1 openldap: Insufficient access 0 Openldap Spring integration: Bad Credentials 0 Openldap cannot authenticate non-admin users 0 Receive invalid credentials (49)when trying to add a user to LDAP 0 LDAP mixing up user credentials 1 OpenLDAP Won't Set Encyrpted Password: attribute 'userPassword' is not present in entry Load 7 more related questions Show fewer related questions
Reset to default