[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: openldap 2.1.3 problems


I've got the same problem.
But it seems related to the "ldapsearch".
When I use the ldapsearch with version 2.0.23, it can provide TLS connection
to slapd server with 2.1.3.
Is it a bug with the ldapsearch with version 2.1.3?

Alex Lam
----- Original Message -----
From: "Hardi Gunawan" <hardigunawan@inbox.lv>
To: <openldap-software@OpenLDAP.org>
Sent: Saturday, August 03, 2002 8:29 AM
Subject: openldap 2.1.3 problems

> Hi
> I've some problem moving from openldap 2.0.23 to 2.1.3.
> 1)  I can't connect using TLS anymore (It works when I downgrade to
> TLS trace: SSL_accept:failed in SSLv3 read client certificate A
> TLS: can't accept.
> TLS: error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca
> s3_pkt.c:985
> Seems that quite a number of people are having the same problems.
> 2) Could someone point me to the documentation on structural
objectclasses?  I
> realized that samba and inetorgperson can't go together.  So I need to
> what I should do.  There are some explanation in the mailing list about
> but due to being new to openldap, I don't quite understand.  Here's a
> from the mailing list:
> --------------------------------------------------------------
> Actually, objects can list multiple STRUCTURAL classes
> in objectClass as long as they as there is one which
> is superior to all the others.
> For example, an object which lists person, organizationalPerson
> and inetOrgPerson is valid as inetOrgPerson is superior
> to both person and organizationalPerson.
> As a counter example, it is improper for an object to list
> inetOrgPerson and pilotPerson as neither is in the others
> superclass chain.  If you desire to have an object belong
> to both inetOrgPerson and pilotPerson, you can create a
> class which is superior to both (e.g. OpenLDAPperson).
> This all per RFC 2251 and X.501(93).
> Kurt
> --------------------------------------------------------------