An Error Occurs During the LDIF File Import

The following error occurs during the LDIF file import:

linux-ldap:/etc/openldap # ldapadd -D "cn=manager,dc=company,dc=com" -W -x -f ncompany.ldif

Enter LDAP Password: 

ldap_bind: Invalid credentials (49)

回帖内容8：

The entered LDAP administrator password is inconsistent with that in the slapd.conf file.

Recommended Action

1.     Enter the password again to check whether the problem is caused by incorrect password input.

2.     If the problem is not caused by incorrect passwords, perform the following steps to change the password in slapd.conf:

a.     Run the su - root command on the LDAP server and switch to user root.

b.  master@linux-ldap:~ >su - root

c.  password:

linux-ldap:~ #

d.     Run the slappasswd -h {SSHA} command, enter a new password, for example, Admin@123, and press Enter.

e.  linux-ldap:~ #slappasswd -h {SSHA}

f.  New password:

g.     Enter the password (for example, Admin@123) again and press Enter.

The password is Linux encrypted and string {SSHA}/kEtz1/+paTolutX9uUo9AAr10OW7qcA is returned. Given the encrypted password is long, you are advised to save it in a text file for future use.

linux-ldap:~ #slappasswd -h {SSHA}

New password:

Re-enter new password:

{SSHA}/kEtz1/+paTolutX9uUo9AAr10OW7qcA

h.     Run the cd /etc/openldap command to go to the /etc/openldap directory.

i.  linux-ldap:~ #cd /etc/openldap

linux-ldap:/etc/openldap

j.      Run the vi slapd.conf command to open the slapd.conf file.

k.     Press I to enter the editing mode.

l.      Locate the following in the slapd.conf file.

m.  #######################################################################

n.  # BDB database definitions

o.  #######################################################################

p.   

q.  loglevel 0

r.  database       bdb

s.  suffix         "dc=my-domain,dc=com"

t.  checkpoint      1024 5

u.  cachesize       10000

v.  rootdn         "cn=Manager,dc=my-domain,dc=com"

w.  # Cleartext passwords, especially for the rootdn, shoold

x.  # be avoid.  See slappasswd(8) and slapd.conf(5) for details.

y.  # Use of strong authentication encouraged.

z.  rootpw         "secret"

aa. # The database directory MUST exist prior to running slapd AND 

bb. # shoold only be accessible by the slapd and slap tools.

cc. # Mode 700 recommended.

dd. directory      /var/lib/ldap

ee. # Indices to maintain

ff. index objectClass      eq

gg. database bdb

hh. suffix "dc=company,dc=com"

ii. rootdn "cn=manager,dc=company,dc=com"

jj. rootpw "{ssha}DIFakSNinKzzFyRUT2vV3w9sEHTrR"

kk. directory /var/lib/ldap/company

ll. checkpoint 1024 5

mm. cachesize 10000

nn. index objectClass,uidNumber,gidNumber eq

oo. index member,mail eq,pres

pp. index cn,displayname,uid,sn,givenname sub,eq,pres

qq.   Replace the old password in bold with the Linux-encrypted password.

rr.     Press Esc and run the :wq command.

ss.   Press Enter to save changes and exit the slapd.conf file.

tt.     Run the service ldap restart command to restart the LDAP service.