Re: Can't contact LDAP server

[Frank Swasey <Frank.Swasey@uvm.edu>]

Today at 10:33am, Asif Iqbal wrote:

> On Fri, 7 Nov 2003, Frank Swasey wrote:
>
> > Today at 2:33am, Asif Iqbal wrote:
> >
> > > I truss'd the ldapsearch and found out it is looking for ldap.conf under
> > > openldap dir.
> > >
> > > I moved it from /etc to openldap dir and added this in the ldap.conf
> >
> > If you have pam_ldap or nss_ldap installed.... you just broke them.
> > They look for their ldap.conf file in /etc (yup... two different
> > programs and two different config files in different places with the
> > SAME NAME).
>
> Hmm.. when I was doing truss on the ldapsearch it shows that it is looking for
> the file in openldap dir. I did not force it to look at there. I followed the
> instruction exactly as it said in Philip Brown's website bolthole.com
>
> Would you know what I might be doing wrong ?

My point was that pam_ldap and nss_ldap look for /etc/ldap.conf and the
OpenLDAP clients (ldapsearch, ldapadd, ldapmodify...) look for
<OpenLDAP_DIR>/ldap.conf.

Same filename, but different paths and contents for pam_ldap/nss_ldap
and OpenLDAP.

>
> >
> > >
> > > TLS_CACERT /path/to/the/ca-certificate-file
> > >
> > > Now it does not complain about the self certificate.
> > >
> > >
> >
> >
>

-- 
Frank Swasey                    | http://www.uvm.edu/~fcs
Systems Programmer              | Always remember: You are UNIQUE,
University of Vermont           |    just like everyone else.
                    === God Bless Us All ===