[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Couldn't start TLS



Hi Fábio,
>         I have intalled a OpenLDAP with SSL support. Basically to use
> ldapmodify to change passwords in the Windows 2000 Active Directory. But
> when I type something like: ldapmodify -D "binddn" -W -b "dc=domain" -Z
> cn=user , the program send me a message saying that "WARNING: could not
> start TLS".

AD doesn't support the StartTLS extended operation. You have to use LDAP
over SSL (LDAPS, port 636):
ldapmodify -x -H ldaps://ad.example.com -D ...

-- 
Norbert Klasen
DFN Directory Services                           tel: +49 7071 29 70335
ZDV, Universität Tübingen                        fax: +49 7071 29 5912
Wächterstr. 76, 72074 Tübingen              http://www.directory.dfn.de
Germany                             norbert.klasen@zdv.uni-tuebingen.de