ldapsearch -H ldaps:/// -x -b "" -s base -LLL supportedSASLMechanisms
I get
dn:
supportedSASLMechanisms: PLAIN
supportedSASLMechanisms: LOGIN
I have created an ssl cert file using...
openssl req -new -x509 -nodes -out helios.pem -keyout helios.pem -days 365
and that seems to have worked, I put the following lines in slapd.conf
TLSCertificateFile /usr/share/ssl/certs/helios.pem
TLSCertificateKeyFile /usr/share/ssl/certs/helios.pem
TLSCACertificateFile /usr/share/ssl/certs/helios.pem
and ldap.conf contains at the bottom...
ssl start_tls
If I have a user entry in the passwd and group files themselves I can log in via pam_afs for authentication. But when I rely on the ldap server for public info, I get this in /var/log/messages.
Jun 7 15:04:21 helios gdm: nss_ldap: could not get LDAP result - Can't contact LDAP server
Jun 7 15:04:21 helios gdm: nss_ldap: could not get LDAP result - Can't contact LDAP server
Jun 7 15:04:21 helios gdm(pam_unix)[4933]: could not identify user (from getpwnam(ckovacs))
Jun 7 15:04:21 helios gdm[4933]: Couldn't set acct. mgmt for ckovacs
So...
Authentication is working, and authorization works the traditional way, but when I try to use ldap via ssl and nss_ldap, it pukes. What might I be doing wrong?
By the way, I have a loglevel defined but I can't find the debug file. It's a Red Hat 7.1 system. Anyone know where it should be, or how to enable it? A find does not get it...
Thanx
--
Corey Kovacs
Computer Science Dept.
DePauw University
765.658.4761

"I know not with what weapons World War III will be fought, but World War IV will be fought with sticks and stones." - Albert Einstein