<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> <HTML xmlns="http://www.w3.org/TR/REC-html40" xmlns:v = "urn:schemas-microsoft-com:vml" xmlns:o = "urn:schemas-microsoft-com:office:office" xmlns:w = "urn:schemas-microsoft-com:office:word" xmlns:m = "http://schemas.microsoft.com/office/2004/12/omml"><HEAD> <META http-equiv=Content-Type content="text/html; charset=us-ascii"> <META content="MSHTML 6.00.2900.3429" name=GENERATOR> <STYLE>@font-face { font-family: Calibri; } @page Section1 {size: 8.5in 11.0in; margin: 1.0in 1.0in 1.0in 1.0in; } P.MsoNormal { FONT-SIZE: 11pt; MARGIN: 0in 0in 0pt; FONT-FAMILY: "Calibri","sans-serif" } LI.MsoNormal { FONT-SIZE: 11pt; MARGIN: 0in 0in 0pt; FONT-FAMILY: "Calibri","sans-serif" } DIV.MsoNormal { FONT-SIZE: 11pt; MARGIN: 0in 0in 0pt; FONT-FAMILY: "Calibri","sans-serif" } A:link { COLOR: blue; TEXT-DECORATION: underline; mso-style-priority: 99 } SPAN.MsoHyperlink { COLOR: blue; TEXT-DECORATION: underline; mso-style-priority: 99 } A:visited { COLOR: purple; TEXT-DECORATION: underline; mso-style-priority: 99 } SPAN.MsoHyperlinkFollowed { COLOR: purple; TEXT-DECORATION: underline; mso-style-priority: 99 } SPAN.EmailStyle17 { COLOR: windowtext; FONT-FAMILY: "Calibri","sans-serif"; mso-style-type: personal-compose } .MsoChpDefault { mso-style-type: export-only } DIV.Section1 { page: Section1 } </STYLE> </HEAD> <BODY lang=EN-US vLink=purple link=blue> <DIV dir=ltr align=left>I ran into some thing like this when I also first began to configure CA etc. Not enough documentation</DIV> <DIV dir=ltr align=left>for beginners. I had to get Wireshark and trace what network packets are sent across from client to server</DIV> <DIV dir=ltr align=left>and see the LDAP credentials searched for and then I acted accordingly. i.e when I see that the search was for uid=abc, o=TokenUser</DIV> <DIV dir=ltr align=left>then I setup such in the Directory Server. Only because I had access to both client and server. Wireshark helped me a lot!</DIV> <DIV> </DIV> From: Julius Adewumi @GDC4S.com Ph:480-441-6768 Contract Corp:MTSI <DIV> </DIV> <DIV class=OutlookMessageHeader lang=en-us dir=ltr align=left> <HR tabIndex=-1> From: pki-users-bounces@redhat.com [mailto:pki-users-bounces@redhat.com] On Behalf Of Zach Casper Sent: Tuesday, December 16, 2008 9:00 AM To: pki-users@redhat.com; 'General discussion list for the Fedora Directory server project.' Subject: [Pki-users] LDAP Authentication </DIV> <DIV></DIV> <DIV class=Section1> We have followed all steps to install/run Fedora Dogtag/FDS using default settings. <o:p></o:p> <o:p> </o:p> We have also added users/certificates from within the CA/RA subsystems. <o:p></o:p> <o:p> </o:p> We are now to the point we need to format and enroll some smart cards, however, the LDAP Authentication dialog appears and no combination of LDAP User ID/Password work. <o:p></o:p> <o:p> </o:p> We’ve tried cn=Directory Manager, Admin, pkiuser…all without luck. <o:p></o:p> <o:p> </o:p> I know we must have users already in FDS but this documentation seems not to exist. <o:p></o:p> <o:p> </o:p> How do we either add users in FDS so that we can continue to format and enroll smart cards? Are we missing something? <o:p></o:p> --<o:p></o:p> Zach Casper<o:p></o:p> Envieta LLC<o:p></o:p> <o:p> </o:p></DIV></BODY></HTML>