
error with TLS


First, I finally found how to have the home directory automounted at
login; I should have searched a bit more before writing to the list, I am

I have another problem, and I hope someone can help me.
I'm trying to set up the TLS connection to my OpenLDAP server.
Before this, with a normal connection, I could log in on my Linux station
with a login/password located in LDAP (the openldap server is on another
now the login/password are rejected, and in /var/log/auth.log I got:

Jun  2 21:19:01 francois login: pam_ldap: ldap_starttls_s: Connect error

Can anyone help me?

In my slapd.conf I have uncommented the few lines about TLS

and on the client stations (ldap.conf), I set
ssl start_tls
tls_checkpeer yes
port 389
(the line "ssl on" is commented)

The command:
openssl s_client -connect ldap.domain:636 -showcerts

seems to work; its output ends with:

Verify return code: 18 (self signed certificate)

I configured the login to use LDAP:

/etc/pam.d/login:

auth       sufficient   /lib/security/pam_ldap.so
auth       required     /lib/security/pam_pwdb.so shadow try_first_pass
auth       required     /lib/security/pam_nologin.so
account    sufficient   /lib/security/pam_ldap.so
account    required     /lib/security/pam_pwdb.so
password   required     /lib/security/pam_cracklib.so
password   sufficient   /lib/security/pam_ldap.so
password   required     /lib/security/pam_pwdb.so shadow nullok \
session    sufficient   /lib/security/pam_ldap.so
session    required     /lib/security/pam_pwdb.so


PS: I use Mandrake Linux 8.2
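
A check of the client-side TLS options quoted in the post, as an added example that is not part of the original message: it lints a pam_ldap-style ldap.conf and flags `tls_checkpeer yes` when the file names no CA to verify the server certificate against. `tls_cacertfile` and `tls_cacertdir` are pam_ldap options the post does not mention; the function names are made up for this example, and a trust anchor configured elsewhere (for instance in libldap's own configuration) is outside what it checks.

```shell
#!/bin/sh
# Added example (not from the original post): lint a pam_ldap-style ldap.conf
# for the TLS options the post sets. Function names are hypothetical.

# Print the last value assigned to KEY in FILE, skipping comments and blanks.
ldapconf_get() {
    awk -v key="$2" '
        /^[ \t]*(#|$)/ { next }
        tolower($1) == key { $1 = ""; sub(/^[ \t]+/, ""); val = $0 }
        END { if (val != "") print val }' "$1"
}

# Print one finding per line; return 0 when nothing is flagged, 1 otherwise.
check_ldap_tls() {
    conf=$1; rc=0
    ssl=$(ldapconf_get "$conf" ssl)
    peer=$(ldapconf_get "$conf" tls_checkpeer)
    cafile=$(ldapconf_get "$conf" tls_cacertfile)
    cadir=$(ldapconf_get "$conf" tls_cacertdir)
    port=$(ldapconf_get "$conf" port)

    case "$ssl" in
        start_tls) want=389 ;;   # TLS negotiated on the plain LDAP port
        on)        want=636 ;;   # ldaps: TLS from the first byte
        *) echo "FAIL: ssl is '${ssl:-unset}', binds travel in cleartext"
           want=389; rc=1 ;;
    esac
    if [ -n "$port" ] && [ "$port" != "$want" ]; then
        echo "WARN: port $port is unusual for ssl ${ssl:-off} (expected $want)"
        rc=1
    fi
    if [ "$peer" != yes ]; then
        echo "FAIL: tls_checkpeer is not 'yes', server certificate not enforced here"
        rc=1
    elif [ -z "$cafile$cadir" ]; then
        echo "FAIL: tls_checkpeer yes but no tls_cacertfile/tls_cacertdir in this file"
        rc=1
    elif [ -n "$cafile" ] && [ ! -r "$cafile" ]; then
        echo "FAIL: tls_cacertfile $cafile is missing or unreadable"
        rc=1
    fi
    return $rc
}
```

Run it as `check_ldap_tls /path/to/ldap.conf`; the path is whatever file pam_ldap reads on the client.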