[Fedora-directory-users] DSGW user authorization problem
Rich Megginson
rmeggins at redhat.com
Mon Nov 17 20:21:36 UTC 2008
Lev Dudko wrote:
> Dear Directory server experts,
> could you help me, please, to solve the problem with DSGW
> authorization.
> I have successfully setup FDS on Fedora 9 with
> setup-ds-admin.pl
> setup ssl with the help of script from this page:
> http://www.linuxmail.info/fedora-directory-server-setup-howto-centos-5/
> and run setup-ds-dsgw
> Now, the directory server works, administration server works and
> I can configure everything in DS and Admin server with console
> fedora-idm-console -a https://localhost:9830
> ldap and ldaps ports are open and accept requests.
>
> I can point my browser to https://localhost:9830 and use DSGW to
> search successfully,
> but I can not do authorization, when I try to authorize as some user
> (normal user, Directory Manager or admin) I got the error:
> Authentication Failed
> Authentication failed because the password you supplied is incorrect.
> Please click the Retry button and try again. If you have forgotten the
> password for this entry, a directory administrator must reset the
> password for you.
>
> Of course, I am sure that the password is correct. There are no so much
> useful information in the log files. The
> executable /usr/lib64/dirsrv/dsgw-cgi-bin/doauth do this authorization.
>
> I have read available documentation rather careful, but did not find the
> answer. Looks like one of the solution is to use binddnfile directive
> with special text file, but it looks strange for me that it is
> impossible to use normal authorization in LDAP with DSGW.
>
> Have I missed something during the configuration or forgot to add some
> special ACL?
>
What platform?
Any information in your admin server logs at /var/log/dirsrv/admin-serv?
> Lev
>
> ------------------------------------------------------------------------
>
> --
> Fedora-directory-users mailing list
> Fedora-directory-users at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3258 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://listman.redhat.com/archives/fedora-directory-users/attachments/20081117/fe55af22/attachment.bin>
More information about the Fedora-directory-users
mailing list