
Re: ldapsearch against Tivoli Directory Server



On 10/18/12 13:28 -0700, Alejandro Rodriguez Luna wrote:
Hi all!
I have a TDS (Tivoli Directory Server) on one of my servers. Every time I
need to query it I need to go to another server and do it. I'd like to
be able to query from my machine, but I can't using OpenLDAP. Do you
guys have a hint/idea/clue?

I use this from another server:

idsldapsearch -h ldapserver.homeluna.org -Z -K /opt/PolicyDirector/ssl/homeluna.kdb -P passw0rd -b "" -s base objectclass=*

Btw, my servers only accept SSL connections.

Assuming that -Z has the same effect as with OpenLDAP's ldapsearch, it
performs StartTLS over port 389, not SSL over port 636.

Btw, I put the following values inside /etc/openldap/ldap.conf without success.

#
# LDAP Defaults
#
BASE l=world
URI ldap://ldapserver.homeluna.org ldap://ldapserver.homeluna.org:636
PORT 636

TLS_CACERT /home/alexrl/Desktop/ldapserver.homeluna.org.cer
TLS_REQCERT demand

alexrl@localhost ~ $ ldapsearch -v -H ldaps://ldapserver.homeluna.org -Dcn=root -w passw0rd -bl=world uid=alex*
ldap_initialize( ldaps://ldapserver.homeluna.org:636/??base )
ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1)

Try using options '-H ldap://ldapserver.homeluna.org' and '-Z' (or '-ZZ').
See the manpage for ldapsearch.

--
Dan White
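
Added example, not part of either message in this thread: a small Python check that tells StartTLS on 389 apart from TLS-on-connect on 636 for a given LDAP URI, and lints ldap.conf text for scheme/port mismatches. The function names are this example's own; the sample is the ldap.conf quoted in the post.

```python
from urllib.parse import urlsplit

DEFAULT_PORT = {"ldap": 389, "ldaps": 636}  # standard LDAP / LDAPS ports

# The ldap.conf from the post (CA path line omitted; it does not affect transport).
SAMPLE_CONF = """\
BASE l=world
URI ldap://ldapserver.homeluna.org ldap://ldapserver.homeluna.org:636
PORT 636
TLS_REQCERT demand
"""

def classify_uri(uri, starttls=False):
    """Return (transport, port, warnings); starttls=True models ldapsearch -Z/-ZZ
    (-ZZ aborts if StartTLS fails, -Z carries on without TLS)."""
    parts = urlsplit(uri)
    scheme = parts.scheme.lower()
    if scheme not in DEFAULT_PORT:
        raise ValueError(f"unsupported scheme in {uri!r}")
    port = parts.port or DEFAULT_PORT[scheme]
    warnings = []
    if scheme == "ldaps":
        transport = "tls-on-connect"
        if starttls:
            warnings.append("StartTLS requested but ldaps:// already runs inside TLS")
        if port == 389:
            warnings.append("ldaps:// aimed at 389, which normally speaks plain LDAP")
    else:
        transport = "starttls" if starttls else "plaintext"
        if port == 636:
            warnings.append("ldap:// aimed at 636, which normally expects TLS on connect")
        if not starttls:
            warnings.append("plain LDAP unless the client passes -Z/-ZZ")
    return transport, port, warnings

def lint_ldap_conf(text):
    """Return [(line_number, message)] for transport problems in ldap.conf text."""
    findings = []
    for n, line in enumerate(text.splitlines(), 1):
        fields = line.split()
        if not fields or fields[0].startswith("#"):
            continue
        key, values = fields[0].upper(), fields[1:]
        if key in ("HOST", "PORT"):
            findings.append((n, f"{key} is deprecated in ldap.conf(5); set the port in URI"))
        elif key == "URI":
            for uri in values:
                findings += [(n, f"{uri}: {w}") for w in classify_uri(uri)[2]]
    return findings
```

Calling `lint_ldap_conf(SAMPLE_CONF)` reports the `ldap://` URI pointed at port 636 and the deprecated `PORT` line.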