
Troubles with (open)ldap authentication

Hi all, I’m new to openfire and I’m trying to set up a server using an openldap for user authentication.

That ldap is already used for smtp and pop3/imap authentication.

The connection is established successfully but the authentication fails.

Sniffing the ldap traffic it seems that:

  1. a first search in ldap retrieves the dn and the userid of the authenticating user

  2. a second access to ldap tries the authentication putting the uid (and eventually extra data) between double quotes

The resulting ldap request results in “invalid credentials” by openldap.

i.e.:

1st request (search):

basedn:“o=organization,c=it” filter:“uid=userid”

data returned:

basedn: uid=userid,ou=organizational_unit,o=organization,c=it

uid: userid

2nd request (bind):

basedn:uid=“userid”,ou=“organizational_unit”,o=organization,c=it

password: password

data returned: none

error: InvalidCredentials


I’m trying to run openfire 3.4.5 on CentOS linux 5.1 (openldap-2.1.29 on an external server).

Has someone already stumbled across such an issue?

Thanks.

(I hate to reply to myself)

I found the solution in thread http://www.igniterealtime.org/community/message/137752 (last post)

That solution worked.

(thanks to Wai Phang).

Regards.