ldapadd error

Hi,

I can't add entries to ldap
When I run ldapadd, it returns this error:

/usr/bin/ldapadd -x -D "cn="Manager,dc=example,dc=com" -W -f example.ldif
Enter LDAP Password:
ldap_bind: Invalid credentials (49)

And returns another error when i drop -x

ldapadd -D "cn=Manager,dc=example,dc=com" -w openldap -f example.ldif
(OR ldapadd -D "cn=Manager,dc=example,dc=com" -W -f example.ldif)
SASL/GSSAPI authentication started
ldap_sasl_interactive_bind_s: Local error (82)
additional info: SASL(-1): generic failure: GSSAPI Error: Miscellaneous


example.ldif
--------------------------------------------------
dn:dc=example,dc=com
objectclass:dcObject
objectclass: organization
o:Example Company
dc:example
dn:cn=Manager,dc=example,dc=com
objectclass: organizationalRole
cn:Manager
userPassword:{MD5}rssBNsI8slRlLAErpm5eVw==
---------------------------------------------------

slapd.conf
---------------------------------------------------
# $OpenLDAP: pkg/ldap/servers/slapd/slapd.conf,v 1.23.2.8 2003/05/24 23:19:14 ku
rt Exp $
#
# See slapd.conf(5) for details on configuration options.
# This file should NOT be world readable.
#
include /etc/openldap/schema/core.schema
include /etc/openldap/schema/cosine.schema
include /etc/openldap/schema/inetorgperson.schema
include /etc/openldap/schema/nis.schema
include /etc/openldap/schema/redhat/autofs.schema

# Allow LDAPv2 client connections. This is NOT the default.
allow bind_v2

# Do not enable referrals until AFTER you have a working directory
# service AND an understanding of referrals.
#referral ldap://root.openldap.org

pidfile /var/run/slapd.pid
#argsfile //var/run/slapd.args
# Load dynamic backend modules:
# modulepath /usr/sbin/openldap
# moduleload back_bdb.la
# moduleload back_ldap.la
# moduleload back_ldbm.la
# moduleload back_passwd.la
# moduleload back_shell.la

# The next three lines allow use of TLS for connections using a dummy test
# certificate, but you should generate a proper certificate by changing to
# /usr/share/ssl/certs, running "make slapd.pem", and fixing permissions on
# slapd.pem so that the ldap user or group can read it.
# TLSCACertificateFile /usr/share/ssl/certs/ca-bundle.crt
# TLSCertificateFile /usr/share/ssl/certs/slapd.pem
# TLSCertificateKeyFile /usr/share/ssl/certs/slapd.pem

# Sample security restrictions
# Require integrity protection (prevent hijacking)
# Require 112-bit (3DES or better) encryption for updates
# Require 63-bit encryption for simple bind
# security ssf=1 update_ssf=112 simple_bind=64
# Sample access control policy:
# Root DSE: allow anyone to read it
# Subschema (sub)entry DSE: allow anyone to read it
# Other DSEs:
# Allow self write access
# Allow authenticated users read access
# Allow anonymous users to authenticate
# Directives needed to implement policy:
# access to dn.base="" by * read
# access to dn.base="cn=Subschema" by * read
# access to *
# by self write
# by users read
# by anonymous auth
#
# if no access controls are present, the default policy is:
# Allow read by all
#
# rootdn can always write!

#######################################################################
# ldbm and/or bdb database definitions
#######################################################################

password-hash {MD5}
#database ldbm
database bdb
suffix "dc=example,dc=com"
rootdn "cn=Manager,dc=example,dc=com"
rootpw {MD5}rssBNsI8slRlLAErpm5eVw==
# Cleartext passwords, especially for the rootdn, should
# be avoided. See slappasswd(8) and slapd.conf(5) for details.
# Use of strong authentication encouraged.
#rootpw secret
#rootpw {crypt}ijFYNcSNctBYg

# The database directory MUST exist prior to running slapd AND
# should only be accessible by the slapd and slap tools.
# Mode 700 recommended.
directory /var/lib/ldap

# Indices to maintain for this database
index objectClass eq,pres
index ou,cn,mail,surname,givenname eq,pres,sub
index uidNumber,gidNumber,loginShell eq,pres
index uid,memberUid eq,pres,sub
index nisMapName,nisMapEntry eq,pres,sub
# Replicas of this database
#replogfile /var/lib/ldap/openldap-master-replog
#replica host=ldap-1.example.com:389 tls=yes
# bindmethod=sasl saslmech=GSSAPI
# authcId=host/ldap-master.example.com@EXAMPLE.COM

-----------------------------------------------------------

Please help me out

thanks!!

Your password is incorrect.



Try setting rootpw to a plaintext password then see if you can log in, if so take that password and MD5 it and put the MD5 hash there.

I set rootpw to a plaintext , but the msg is the same.

perhaps try entering it on the command line

/usr/bin/ldapadd -x -D "cn="Manager,dc=example,dc=com" -w passwordgoeshere -h yourhost.com

(take off the ldif till you figure it out)

Maybe it's trying to access a different server doesn't hurt to add a -h yourhost.com it can be an ip or localhost or whatever. Try different combanations. If still having problems post back.

Thank you ..
The pwd error is OK!!
but, still have another error :

[root@king bin]# ./ldapadd -x -D "cn=Manager,dc=example,dc=com" -W -f example.ldif
Enter LDAP Password:
adding new entry "dc=example,dc=com"
ldapadd: update failed: dc=example,dc=com
ldap_add: Undefined attribute type (17)
additional info: dn: attribute type undefined


and my example.ldif
=======================
dn:dc=example,dc=com
objectclass:dcObject
objectclass: organization
o:Example Company
dc:example
dn:cn=Manager,dc=example,dc=com
objectclass: organizationalRole
cn:Manager
=======================

What's wrong ?

Put a hard enter between entries.



There always has to be at least one newline between entries.

Thank you very much !!
It's OK to insert entries ~

hi daisywu..i am having exactly the same problem with ldapadd..
could u kindly explain in detail how you solved this problem?
thanks