[Date Prev][Date Next]
Re: Re: ldap_sasl_interactive_bind_s: Local error ???
Thanks angain for your suggestions.
>1: You seem to have previous experience with SSL. The fact that you are
>using hashes of certs seem to infer that your experience was with
>FreeS/WAN or Apache. Openldap 2.1 (at least) uses neither .der encoded
>certificates nor hashes, but .pem encoded raw certs;
You are right.I misunderstood the configuration guide of OpenLDAP with TLS,
and I will correct it in my sldap.conf.
>2: *Raw* Openldap SSL/TLS (TLS is different from SSL) does not use SASL,
>which seems to be throwing you out (although SSL is refererred to as
>SASL EXTERNAL). Not that SSL is not a valid SASL extra, it's just that
>Openssl SASL is not necessary for Openldap SSL/TLS.
I'm confused with the command:
$ldapsearch localhost -b "o=MyTest,c=CN" -s sub "(objectclass=*)" -x
It returns correct results without inputting any password!
But "-x" option means it querys ldap server in Simple authentication.
Any error in my understanding?
R&D of SDB Department
CNIC,CAS,Beijing of CHINA