[Date Prev][Date Next]
Re: ldap+ssl+Active directory
I'm using Yast to configure ldap, in the ldap client, I pick the option:
'ldap tls/ssl'. then /etc/ldap.conf has the next line:
# OpenLDAP SSL mechanism
# start_tls mechanism uses the normal LDAP port, LDAPS typically 636
I think the configuration is OK, but I don't know how suse import the
w2k'certificate, or if I need to create a certificate to suse. I've
installed Microsoft Certification Authority, to enable ldap over ssl in
w2k. In suse I only set this option (ssl start tls), then I don't know if I
need to do nothing else.
At 20:17 05/07/2004, Kurt D. Zeilenga wrote:
>At 10:47 AM 7/5/2004, Andreas wrote:
> >On Mon, Jul 05, 2004 at 10:34:32AM -0700, Kurt D. Zeilenga wrote:
> >> At 01:09 AM 7/5/2004, Ainhoa Prat wrote:
> >> >I'm having problems using ldap with ssl against windows 2000 AD. I
> have Suse 9 as ldap client and w2k as ldap server. I set use ssl in ldap.conf,
> >> Not sure what you mean by "set use ssl in ldap.conf"... but if you
> >> mean you set 'use ssl' in ldap.conf, I note that OpenLDAP ldap.conf(5)
> >> has no 'use ssl' directive. You might be confusing directives for
> >> some other ldap.conf file with OpenLDAP's ldap.conf(5).
> >SuSE mixes nss_ldap and pam_ldap's ldap.conf (from PADL software) with
> >openldap's ldap.conf.
>If so, that's ill-advised.
>Regardless, "use ssl" is not, as I said above, an OpenLDAP
>ldap.conf(5) directive and hence will be ignored by OpenLDAP
>command lines tools such as ldapsearch(1).