[Date Prev][Date Next]
Re: openldap+TLS 'works', but slapd.log reports "err=13 text=TLS confidentiality required" @ slapd start
--On Friday, August 22, 2008 1:52 PM -0700 "Ben Wailea, openldap-software"
You're entirely missing my point. You've noted what your setup is, and the
changes you made. Once you made those changes and restarted the server,
some connections started failing. Your logs show what IP address those
connections are coming from, but since they are being blocked by the
changes you made, there's really no data on what client is making those
connections. The only person who can track down what clients are trying to
bind *without* TLS is you. You may not like that answer, but it isn't
going to change. You're original question posed at the end of your email
was is this the expected behavior for those settings, and the answer is
yes. If you block clients that are not using TLS from binding, then they
are going to fail to bind once the changes are in effect.
Now, does your ldapsearch command with -ZZ continue to work after there
What other processes have you configured to access the LDAP server from the
local host? nscd? nss_ldap? etc. Look at those things.
Principal Software Engineer
Zimbra :: the leader in open source messaging and collaboration