[Date Prev][Date Next] [Chronological] [Thread] [Top]

ldapsearch certificate handling

To: <openldap-software@openldap.org>
Subject: ldapsearch certificate handling
From: "Sabo, Eric" <Eric.Sabo@cup.edu>
Date: Thu, 18 Jan 2007 11:59:06 -0500
Content-class: urn:content-classes:message
Thread-index: Acc6/s8Qul8rk3ITR7ioxK+OBHSurAAIxNQw
Thread-topic: ldapsearch certificate handling

 
I have no knowledge of OPENLDAP so that is why I am emailing this list.

I have an vendor that is trying to connect to my active directory (which
is windows 2003 native for the forest level and the domain level) via
SSL (port 636) using LDAPSEARCH.    They want to authenticate users
against my active directory.    My certificates that I created
(microsoft assisted me on this part)
	One question I have  - My certificates contain multiple DNS
names (domain name and a simple DNS name - which I want the vendor to
use)  Does OPENLDAP have a problem with this setup on the certificate?

Question about the command lines they are trying.
	1st cmd  -  ldapsearch -H  ldaps://servername -x -D 'CN=name of
user'     | grep usernameofusertheywanttofind
	2nd cmd - ldapsearch -H  ldaps://servername -x -s base -D
'cn=name of user'  

Any thoughts or opinions on this subject would greatly be appreciated.

Eric Sabo
Senior Windows Systems Engineer
Department of Computing Systems
California University of Pennsylvania

Follow-Ups:
- Re: ldapsearch certificate handling
  - From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>

Prev by Date: Re: problem with sasl
Next by Date: Re: How to migrate iPlanet Directory into OpenLDAP?
Index(es):
- Chronological
- Thread