[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: openldap and SSL with AD

To: Daniel Barron <ldaplist@jadeb.com>
Subject: Re: openldap and SSL with AD
From: Tony Earnshaw <tonni@billy.demon.nl>
Date: 14 Feb 2003 15:01:44 +0100
Cc: openldap-software@OpenLDAP.org
In-reply-to: <d81ea6c44b.ldaplist@jadeb.com>
Organization:
References: <af542ac44b.ldaplist@jadeb.com> <1482291.1045161074@[10.10.9.3]> <d81ea6c44b.ldaplist@jadeb.com>

fre, 2003-02-14 kl. 14:21 skrev Daniel Barron:

> > You're mixing START_TLS (which normally uses port 389) and LDAPS. The -ZZ 
> > option requires START_TLS which is not supported by AD. Try using
> > ldap_initilize("ldaps://192.168.72.230").
> > Unless you're server certificate containes a subjectAltName extension of 
> > type ip address, you'll also need to use the server's FQDN instead of its 
> > IP.
> > 
> > See also http://www.openldap.org/faq/data/cache/185.html

> Thank you very much - thats most helpful.  I would like to know more about
> ldap_initilize but I can't find a man page for it?  I also tried looking for
> ldap_initialize, ldap_initialise, etc.

It's a C function - you'll find it in all the libldap libraries ;)

Best,

Tony

-- 

Tony Earnshaw

When you rob a person of his illusions,
you are robbing him of his happiness


e-post:		tonni@billy.demon.nl
www:		http://www.billy.demon.nl

Follow-Ups:
- Re: openldap and SSL with AD
  - From: Daniel Barron <ldaplist@jadeb.com>

References:
- openldap and SSL with AD
  - From: Daniel Barron <ldaplist@jadeb.com>
- Re: openldap and SSL with AD
  - From: Norbert Klasen <norbert+lists.openldap-software@burgundy.dyndns.org>
- Re: openldap and SSL with AD
  - From: Daniel Barron <ldaplist@jadeb.com>

Prev by Date: Re: forcing user to use strong auth
Next by Date: Re: Questions on ACL
Index(es):
- Chronological
- Thread