[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: connection problem with ldapmodify -Y EXTERNAL -H ldapi:///

On 03/10/11 17:43 +0200, Andreas Rudat wrote:
Am 03.10.2011 16:43, schrieb Dan White:
On 03/10/11 16:27 +0200, Andreas Rudat wrote:
*ldapmodify -Y EXTERNAL -H ldapi:///*

SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth

The output indicates that you successfully authenticated your connection
to the server. ldapmodify is waiting for you to tell it something to do
(from standard input).

Ah ok, then I missunderstood the tutorial I read.

I'm trying to get sasl+tls running, but I have still some problems.
ldapsearch -x -LLL -s base -b "" supportedSASLMechanisms

supportedSASLMechanisms: CRAM-MD5
supportedSASLMechanisms: DIGEST-MD5
supportedSASLMechanisms: NTLM

so tls issn't allowed in my configuration? I added tls on ldap.conf and /etc/default/slapd

Debug says:
TLS: can't connect: A TLS packet with unexpected length was received..

What are the contents of your ldap.conf, and your /etc/default/slapd?

What is your TLS configuration on the server? In particular, your
TLSVerifyClient/olcTLSVerifyClient setting (which should be something other
than the default).

Dan White