I try to follow this guide to create SSO solution with OpenLDAP and Keycloak. I'm trying to add the readonly user. It should be the same LDIFs as here

I apply those LDIFs for the readonly user but I get

$ ldapsearch -x -H ldap://localhost:1389 -b "dc=muellerpublic,dc=de" -D "cn=readonly,dc=muellerpublic,dc=de" "+" -w xxx Handling connection for 1389 ldap_bind: Invalid credentials (49) 

Here are the users/groups:

$ ldapsearch -x -H ldap://localhost:1389 -b "dc=muellerpublic,dc=de" -D "cn=admin,dc=muellerpublic,dc=de" "+" -w xxx Handling connection for 1389 # extended LDIF # # LDAPv3 # base <dc=muellerpublic,dc=de> with scope subtree # filter: (objectclass=*) # requesting: + # # muellerpublic.de dn: dc=muellerpublic,dc=de structuralObjectClass: organization entryUUID: ce600638-0d8f-103c-8fb1-1558d46de393 creatorsName: cn=admin,dc=muellerpublic,dc=de createTimestamp: 20220119162257Z entryCSN: 20220119162257.152328Z#000000#000#000000 modifiersName: cn=admin,dc=muellerpublic,dc=de modifyTimestamp: 20220119162257Z entryDN: dc=muellerpublic,dc=de subschemaSubentry: cn=Subschema hasSubordinates: TRUE # users, muellerpublic.de dn: ou=users,dc=muellerpublic,dc=de structuralObjectClass: organizationalUnit entryUUID: ce601dc6-0d8f-103c-8fb2-1558d46de393 creatorsName: cn=admin,dc=muellerpublic,dc=de createTimestamp: 20220119162257Z entryCSN: 20220119162257.152933Z#000000#000#000000 modifiersName: cn=admin,dc=muellerpublic,dc=de modifyTimestamp: 20220119162257Z entryDN: ou=users,dc=muellerpublic,dc=de subschemaSubentry: cn=Subschema hasSubordinates: FALSE # readonly, muellerpublic.de dn: cn=readonly,dc=muellerpublic,dc=de structuralObjectClass: organizationalRole entryUUID: ce60b6a0-0d8f-103c-8fb3-1558d46de393 creatorsName: cn=admin,dc=muellerpublic,dc=de createTimestamp: 20220119162257Z entryCSN: 20220119162257.156845Z#000000#000#000000 modifiersName: cn=admin,dc=muellerpublic,dc=de modifyTimestamp: 20220119162257Z entryDN: cn=readonly,dc=muellerpublic,dc=de subschemaSubentry: cn=Subschema hasSubordinates: FALSE 

Here are the LDIFs created:

 20-readonly-user.ldif: | # Paths dn: cn=readonly,dc=muellerpublic,dc=de changetype: add cn: readonly objectClass: simpleSecurityObject objectClass: organizationalRole userPassword: {SSHA}5Y0mPhzRCYDBRltdvF6hp+m0DWgPTdjD description: LDAP read only user 21-readonly-user-acl.config.ldif: | dn: olcDatabase={2}mdb,cn=config changetype: modify replace: olcAccess olcAccess: to * by dn.exact=gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth manage by * break olcAccess: to attrs=userPassword,shadowLastChange by self write by dn="cn=admin,dc=muellerpublic,dc=de" write by anonymous auth by * none olcAccess: to * by self read by dn="cn=admin,dc=muellerpublic,dc=de" write by dn="cn=readonly,dc=muellerpublic,dc=de" read by * none 
1

Related questions 4 OpenLDAP configuration error ldap_bind: Invalid credentials (49) 4 ldap_bind: Invalid credentials (49) again 7 OpenLdap (Centos 5.9): Invalid credentials (49) Related questions 4 OpenLDAP configuration error ldap_bind: Invalid credentials (49) 4 ldap_bind: Invalid credentials (49) again 7 OpenLdap (Centos 5.9): Invalid credentials (49) 1 openldap, I can't add user, invalid DN 1 openldap: Insufficient access 0 Openldap Spring integration: Bad Credentials 0 Openldap cannot authenticate non-admin users 0 Receive invalid credentials (49)when trying to add a user to LDAP 0 LDAP mixing up user credentials 1 OpenLDAP Won't Set Encyrpted Password: attribute 'userPassword' is not present in entry Load 7 more related questions Show fewer related questions

Reset to default

Know someone who can answer? Share a link to this question via email, Twitter, or Facebook.

Your Answer

Sign up or log in

Sign up using Google Sign up using Facebook Sign up using Email and Password

Post as a guest

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge that you have read and understand our privacy policy and code of conduct.