LDAP Authentication Failed


#1

Hi,

  I have installed OpenLDAP on Windows Vista. I correctly configured
the OpenLDAP server. When I do the ldapadd and ldapsearch by using the
following commands

Commands:
    ldapadd -x step1.ldif

    ldapsearch -D "cn=shalini,dc=mips,dc=com" -w serverpwd -b "cn=shalini,ou=people,dc=mips,dc=com"

It shows the output like:

    # extended LDIF
    #
    # LDAPv3
    # base <cn=shalini,ou=people,dc=mips,dc=com> with scope sub
    # filter: (objectclass=*)
    # requesting: ALL
    #

    # shalini, people, mips.com
    dn: cn=shalini,ou=people,dc=mips,dc=com
    objectClass: inetOrgPerson
    cn: shalini
    cn: Robert J Smith
    cn: bob smith
    sn: shalini
    uid:: c2hhbGluaQk=
    userPassword:: c2hhbGluaSA=
    carLicense: HISCAR 123
    homePhone: 555-111-2222
    mail: removed_email_address@domain.invalid
    mail: removed_email_address@domain.invalid
    mail: removed_email_address@domain.invalid
    description: swell guy
    ou: Human Resources

    # search result
    search: 2
    result: 0 Success

    # numResponses: 2
    # numEntries: 1

So from this output I guess I correctly created the directory service
on the OpenLDAP server. The error I faced is as follows. I opened the
script/console and typed the following commands:

    require 'net/ldap'
    []

    ldap=Net::LDAP.new
    =>#<Net::LDAP:0io5bcpoi @auth={:method=>:anonymous},@port=389,@encryption=nil,@host=127.0.0.1,@verbose=false,@base="dc=com",@openconnection=nil)

    ldap.auth("removed_email_address@domain.invalid","shalini")
    => {:password =>"shalini",:username =>"removed_email_address@domain.invalid",:method =>simple}

    ldap.bind
    false

So what am I missing here? Can anyone please help me to solve this problem?


#2

Palani,
I’d suggest you use a 3rd party tool like LDAP Browser
(www.ldapbrowser.com)
to verify your server, then check your code too.
James.

2009/3/19 Palani K. removed_email_address@domain.invalid


#3

James Cowlishaw wrote:

Palani,
I’d suggest you use a 3rd party tool like LDAP Browser
(www.ldapbrowser.com)
to verify your server, then check your code too.
James.

2009/3/19 Palani K. removed_email_address@domain.invalid

Hi James,
I need to implement this in ROR only. I don’t know what the
error is. I don’t even know whether I am on the right path.


#4

Hi Palani,

If you’re trying to auth against ldap using Net::LDAP, might want to
try:


    require 'net/ldap'

    LDAP_HOST = '127.0.0.1' # or match your setup.
    LDAP_PORT = 389 # or …
    LDAP_DN = 'cn=shalini,ou=people,dc=mips,dc=com' # or …

    def ldap_auth(uid, pss)
      # blank? comes from ActiveSupport (available inside a Rails app).
      return false if uid.blank? || pss.blank?
      # or …, to guard against ldap-injection.
      clean_uid = uid.gsub(/[^a-zA-Z0-9._-]+/, '')
      usr = "uid=#{clean_uid},#{LDAP_DN}"
      ldap = Net::LDAP.new({:host=>LDAP_HOST, :port=>LDAP_PORT, :auth=>
        {:method=>:simple, :username=>usr, :password=>pss}})
      return ldap.bind # returns true if successfully auth'd; false if not.
    end

Jeff

On Mar 19, 1:44 am, Palani K. removed_email_address@domain.invalid
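
The `::` attributes in the ldapsearch output in post #1 are base64-encoded, and post #4 builds the bind DN from user input. The following is an added example, not code from the thread or from Net::LDAP: it decodes the `::` values to show the trailing whitespace stored in `uid` and `userPassword`, and builds a bind DN with RFC 4514 escaping instead of stripping characters. The helper names and the embedded LDIF excerpt are constructed for illustration.

```ruby
# Constructed sample: excerpt of the ldapsearch output quoted in post #1.
SAMPLE_LDIF = <<~LDIF
  dn: cn=shalini,ou=people,dc=mips,dc=com
  cn: shalini
  uid:: c2hhbGluaQk=
  userPassword:: c2hhbGluaSA=
LDIF

# Parse "attr: value" and "attr:: base64" lines into [attr, value] pairs.
def parse_ldif(text)
  text.each_line.map do |line|
    m = line.chomp.match(/\A([A-Za-z][A-Za-z0-9;-]*)(::?) ?(.*)\z/)
    next unless m
    # 'm0' is strict base64; it raises ArgumentError on malformed input.
    [m[1], m[2] == '::' ? m[3].unpack1('m0') : m[3]]
  end.compact
end

# Attributes stored with leading/trailing whitespace: a bind or search that
# sends the trimmed, visually identical string will not match them.
def padded_values(pairs)
  pairs.select { |_attr, value| value != value.strip }
end

# Escape one attribute value for use inside a DN (RFC 4514, section 2.4).
def escape_dn_value(value)
  chars = value.chars
  chars.each_with_index.map do |c, i|
    edge = (i.zero? && ' #'.include?(c)) || (i == chars.size - 1 && c == ' ')
    if c == "\0" then '\\00'
    elsif edge || '\\,+"<>;='.include?(c) then "\\#{c}"
    else c
    end
  end.join
end

# Hypothetical helper: full bind DN for an entry directly under base.
def bind_dn(rdn_attr, value, base)
  "#{rdn_attr}=#{escape_dn_value(value)},#{base}"
end

if __FILE__ == $PROGRAM_NAME
  padded_values(parse_ldif(SAMPLE_LDIF)).each { |a, v| puts "#{a}: #{v.inspect}" }
  puts bind_dn('cn', 'shalini', 'ou=people,dc=mips,dc=com')
  puts bind_dn('cn', 'x,ou=admins', 'ou=people,dc=mips,dc=com')
end
```

Escaping keeps a comma or equals sign in the input inside the first RDN, so the value cannot add DN components of its own.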