[Date Prev][Date Next]
Re: OpenLDAP sasl authentication from non localhost?
You can try using -h devel.yourdoamin.com
and generate a ssl certificate using the exactly hostname by doing:
# cd /usr/share/ssl/certs/
# make slapd.pem
# chown ldap.ldap slapd.pem
Edward Rudd wrote:
I finally have openldap 2.1.19 up and running and doing sasl
authentication. but only from the local machine.. If I try to run
ldapsearch on another system and use the -h parameter it fails.. ie..
ldapsearch -h devel -U firstname.lastname@example.org -b o=MyOrg,c=US
I get back this error
ldap_sasl_interactive_bind_s: Invalid credentials
additional info: SASL(-13): authentication failure: client
response doesn't match what we generated
Any clue why??
the client machine is running openldap 2.0.27 and cyrus-sasl-1.5.24
(stock RH 7.3)
Oliver Schulze L.