[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: RES: Newbie question on client Auth and SSL

To: Bruno Di Rei Araujo <BrunoA@calu.com.br>
Subject: Re: RES: Newbie question on client Auth and SSL
From: Quanah Gibson-Mount <quanah@stanford.edu>
Date: Fri, 29 Oct 2004 21:08:52 -0700
Cc: "'OpenLDAP software list'" <openldap-software@OpenLDAP.org>
Content-disposition: inline
In-reply-to: <0674896130854B4CBEB5924453DC03CA047FCB@CALU-MATRIZ2>
References: <0674896130854B4CBEB5924453DC03CA047FCB@CALU-MATRIZ2>

--On Friday, October 29, 2004 4:12 PM -0200 Bruno Di Rei Araujo <BrunoA@calu.com.br> wrote:

Quanah,

Maybe I expressed myself in a wrong way. With "binding" I mean "user".
So, what I'm trying is to ldapsearch from a remote host (i.e. client) and
to authenticate squid (using pam_auth). The commands on the remote host
were:

# pam_auth -n squid_ldap   ----- In this case, the user were "Anonymous"
# (as
far as I can tell)


# ldapsearch -Uadriela -b "dc=calu,dc=com,dc=br" "(uid=adriela)"
               ^^^^^^^
--- Now,       this      (adriela) is the user. I'm trying to search it
own entry

I think you misunderstand how to connect to the directory server in this case. If you don't have SASL set up, you would probably get more success with something like:

ldapsearch -x -D"uid=adriela,dc=calu,dc=com,dc=br" -w <password> -b"dc=calu,dc=com,dc=br" uid=adriela

-x will perform a simple bind in this case (No SASL)

removing the -x will perform a SASL bind.

The -D flag I supplied is likely wrong, since I don't know how your directory tree is laid out.

--Quanah

--
Quanah Gibson-Mount
Principal Software Developer
ITSS/Shared Services
Stanford University
GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html

References:
- RES: Newbie question on client Auth and SSL
  - From: Bruno Di Rei Araujo <BrunoA@calu.com.br>

Prev by Date: RE: log errors regarding "can't contact ldap server"
Next by Date: Re: Is there a best OS to run OpenLDAP ?
Index(es):
- Chronological
- Thread