
Re: OpenLDAP 2.0 Clients and Active Directory with SSL



You might check out:
http://www.openldap.org/its/index.cgi/findid=821

and see if it helps any...

Kurt

At 05:05 PM 10/16/00 +0200, Norbert Klasen wrote:
>Hi,
>I've been trying to query an AD on W2k SP1 with the tools from OpenLDAP
>2.0
>(OPENLDAP_REL_ENG_2) using SSL. However ldapsearch will not return to
>the shell after printing the results. 
>See attachment for a trace of:
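>ldapsearch -x -l 1 -LLL -d 1 -H ldaps://dino -s base supportedldapversion
>
>Using ldapsearch without SSL works fine, just like ldapsearch from the
>Netscape SDK with SSL enabled.
>
>-- 
>Norbert Klasen
>DFN Directory Services                           tel: +49 7071 29 70335
>ZDV, Universität Tübingen                        fax: +49 7071 29 5912
>D-72074 Tübingen                    norbert.klasen@zdv.uni-tuebingen.de
>Germany                                     http://www.directory.dfn.de
>ldap_create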
>ldap_url_parse(ldaps://dino)
>ldap_bind_s
>ldap_simple_bind_s
>ldap_sasl_bind_s
>ldap_sasl_bind
>ldap_send_initial_request
>ldap_new_connection
>ldap_int_open_connection
>ldap_connect_to_host
>ldap_new_socket: 3
>ldap_prepare_socket: 3
>ldap_connect_to_host: Trying 134.2.217.40:636
>ldap_connect_timeout: fd: 3 tm: -1 async: 0
>ldap_ndelay_on: 3
>ldap_is_sock_ready: 3
>ldap_ndelay_off: 3
>ldap_int_sasl_open: dino.directory.dfn.de
>TLS trace: SSL_connect:before/connect initialization
>TLS trace: SSL_connect:SSLv2/v3 write client hello A
>TLS trace: SSL_connect:SSLv3 read server hello A
>TLS certificate verification: depth: 0, subject: /C=DE/ST=BW/L=Tuebingen/O=DFN/OU=Directory Services/CN=dino.directory.dfn.de, issuer: /Email=norbert.klasen@directory.dfn.de/C=DE/ST=Baden-Wuerttemberg/L=Tuebingen/O=DFN/OU=Directory Services/CN=ActiveDirectory
>TLS trace: SSL_connect:SSLv3 read server certificate A
>TLS trace: SSL_connect:SSLv3 read server certificate request A
>TLS trace: SSL_connect:SSLv3 read server done A
>TLS trace: SSL_connect:SSLv3 write client certificate A
>TLS trace: SSL_connect:SSLv3 write client key exchange A
>TLS trace: SSL_connect:SSLv3 write change cipher spec A
>TLS trace: SSL_connect:SSLv3 write finished A
>TLS trace: SSL_connect:SSLv3 flush data
>TLS trace: SSL_connect:SSLv3 read finished A
>ldap_delayed_open successful, ld_host is (null)
>ldap_send_server_request
>ber_flush: 14 bytes to sd 3
>ldap_result
>wait4msg (infinite timeout)
>** Connections:
>* host: dino  port: 636  (default)
>  refcnt: 2  status: Connected
>  last used: Mon Oct 16 16:55:50 2000
>
>** Outstanding Requests:
> * msgid 1,  origid 1, status InProgress
>   outstanding referrals 0, parent count 0
>** Response Queue:
>   Empty
>do_ldap_select
>read1msg
>ber_get_next
>ber_get_next: tag 0x30 len 16 contents:
>ldap_read: message type bind msgid 1, original id 1
>ber_scanf fmt ({iaa) ber:
>read1msg:  0 new referrals
>read1msg:  mark request completed, id = 1
>request 1 done
>res_errno: 0, res_error: <>, res_matched: <>
>ldap_free_request (origid 1, msgid 1)
>ldap_free_connection
>ldap_free_connection: refcnt 1
>ldap_parse_result
>ber_scanf fmt ({iaa) ber:
>ber_scanf fmt (}) ber:
>ldap_msgfree
>ldap_search_ext
>put_filter "(objectclass=*)"
>put_filter: simple
>put_simple_filter "objectclass=*"
>ldap_send_initial_request
>ldap_send_server_request
>ber_flush: 61 bytes to sd 3
>ldap_result
>wait4msg (infinite timeout)
>** Connections:
>* host: dino  port: 636  (default)
>  refcnt: 2  status: Connected
>  last used: Mon Oct 16 16:55:50 2000
>
>** Outstanding Requests:
> * msgid 2,  origid 2, status InProgress
>   outstanding referrals 0, parent count 0
>** Response Queue:
>   Empty
>do_ldap_select
>read1msg
>ber_get_next
>ber_get_next: tag 0x30 len 57 contents:
>ldap_read: message type search-entry msgid 2, original id 2
>ldap_get_dn
>ber_scanf fmt ({a) ber:
>ber_scanf fmt ({xx) ber:
>ldap_first_attribute
>ber_scanf fmt ({xl{) ber:
>ber_scanf fmt ({ax}) ber:
>ldap_get_values_len
>ber_scanf fmt ({x{{a) ber:
>ber_scanf fmt ([V]) ber:
>ldap_next_attribute
>ldap_msgfree
>ldap_result
>wait4msg (infinite timeout)
>** Connections:
>* host: dino  port: 636  (default)
>  refcnt: 2  status: Connected
>  last used: Mon Oct 16 16:55:50 2000
>
>** Outstanding Requests:
> * msgid 2,  origid 2, status InProgress
>   outstanding referrals 0, parent count 0
>** Response Queue:
>   Empty
>do_ldap_select
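
Added example, not part of the original messages: a small Python parser that walks a trace like the one quoted above and reports which LDAP request was still open when the client stopped in `wait4msg`. It assumes only the line formats visible in this trace; `analyze_trace` and `SAMPLE_TRACE` are hypothetical names, and the sample is an excerpt of the quoted trace.

```python
import re

# Excerpt of the trace quoted above, e-mail quote markers included.
SAMPLE_TRACE = """\
>ldap_send_server_request
>ber_flush: 14 bytes to sd 3
>wait4msg (infinite timeout)
>ldap_read: message type bind msgid 1, original id 1
>read1msg:  mark request completed, id = 1
>request 1 done
>ldap_search_ext
>ber_flush: 61 bytes to sd 3
>wait4msg (infinite timeout)
>ldap_read: message type search-entry msgid 2, original id 2
>ldap_msgfree
>ldap_result
>wait4msg (infinite timeout)
>do_ldap_select
"""

READ_RE = re.compile(r"ldap_read: message type (\S+) msgid (\d+)")
DONE_RE = re.compile(r"request (\d+) done$")
WAIT_RE = re.compile(r"wait4msg \((.+)\)")


def analyze_trace(text):
    """Track each msgid and report what the client was waiting on at the end."""
    requests = {}        # msgid -> {"types": [...], "done": bool}
    pending_wait = None  # timeout of a wait4msg not yet followed by a read
    for raw in text.splitlines():
        line = raw.lstrip("> ").rstrip()  # drop e-mail quote markers
        if m := WAIT_RE.match(line):
            pending_wait = m.group(1)
        elif m := READ_RE.match(line):
            pending_wait = None
            req = requests.setdefault(int(m.group(2)), {"types": [], "done": False})
            req["types"].append(m.group(1))
        elif m := DONE_RE.match(line):
            requests.setdefault(int(m.group(1)), {"types": [], "done": False})["done"] = True
    open_ids = sorted(i for i, r in requests.items() if not r["done"])
    return {"requests": requests, "open": open_ids, "stalled_wait": pending_wait}


if __name__ == "__main__":
    result = analyze_trace(SAMPLE_TRACE)
    for msgid, req in sorted(result["requests"].items()):
        print(msgid, req["types"], "done" if req["done"] else "NOT done")
    if result["stalled_wait"] and result["open"]:
        print("trace ends in wait4msg (%s), open msgids: %s"
              % (result["stalled_wait"], result["open"]))
```

On the excerpt, the bind (msgid 1) is marked done, while the search (msgid 2) has a search-entry but no completion record before the final `wait4msg`.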