openaudit + ldap + # in passwords = no workie

I have been using Open Audit for a while now. It’s a server/network inventory tool that is free and kinda kicks butt.

At my current job I decided to use the LDAP integration, and I was having a hell of a time getting it to work. Basically I could enable LDAP OK and create the LDAP configuration just fine, but when I went to create the actual connection, it wouldn’t work, giving me an error message:

Server connection successful
Default Naming Context: DC=accessgeneral,DC=com
User DNS Suffix: accessgeneral.com
!! Unable to bind to server !!
Err Number: 49
Err String: Invalid credentials
Check that credentials are correct

I tried using a different account, using a different LDAP server, and even did a network trace to see if the connection was actually trying to take place. What finally led me down the right path was to look at the Apache logs, where it lists my password as a part of the request in clear text. Turns out the passwords weren’t the same as what I had typed in because both of the passwords I was using had a pound (“#”) at the end, and apparently that’s not a cool character for PHP to use. This resulted in the password being entered incorrectly. Unfortunately I didn’t catch this sooner because both of my test accounts ended in #.

Once I made this change, it worked on the very first try. Lesson learned.
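
One mechanism that produces exactly these symptoms, shown as an added example (not code from this post or from Open Audit): if the password is placed unencoded in a GET query string, "#" starts the URL fragment, which the client never sends to the server. The endpoint, parameter names and log lines below are hypothetical and constructed for illustration, and the last function is a check for the other problem seen above, credentials showing up in web server access logs.

```javascript
// Added illustration. BASE, the parameter names and the sample log lines
// are hypothetical/constructed, not taken from Open Audit.
const BASE = "http://inventory.example/ldap_test.php";

// Broken: values concatenated into the URL without encoding.
function naiveUrl(user, password) {
  return `${BASE}?user=${user}&password=${password}`;
}

// Fixed: percent-encode every value, so '#' travels as %23.
function encodedUrl(user, password) {
  return `${BASE}?user=${encodeURIComponent(user)}` +
         `&password=${encodeURIComponent(password)}`;
}

// What the server-side code receives: only the query string reaches it,
// the fragment (everything from '#') stays on the client.
function passwordSeenByServer(url) {
  return new URL(url).searchParams.get("password");
}

// Defender check: return the name of a credential-like query parameter
// found in an access-log line, or null if there is none.
const CRED_PARAM = /[?&](pass(?:word|wd)?|pwd|secret)=[^&\s"]*/i;
function credentialInLogLine(line) {
  const m = CRED_PARAM.exec(line);
  return m ? m[1].toLowerCase() : null;
}

// Constructed sample access-log lines.
const SAMPLE_LOG = [
  '10.0.0.5 - - [01/Jan/2024:10:00:00 +0000] "GET /ldap_test.php?user=svc_audit&password=Winter2024 HTTP/1.1" 200 512',
  '10.0.0.5 - - [01/Jan/2024:10:00:05 +0000] "GET /index.php?page=2 HTTP/1.1" 200 2048',
];

function flaggedLines(lines) {
  return lines.filter((l) => credentialInLogLine(l) !== null);
}

console.log(passwordSeenByServer(naiveUrl("svc_audit", "Winter2024#")));
console.log(passwordSeenByServer(encodedUrl("svc_audit", "Winter2024#")));
console.log(flaggedLines(SAMPLE_LOG).length);
```

Sending the credentials in a POST body over TLS avoids both the truncation and the access-log exposure.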



