[Date Prev][Date Next] [Chronological] [Thread] [Top]

more on migrating from 2.3 to 2.4


I did my nfs/nis/ldap/smb/dns swap this morning.

I'm struggling with getting my ldap server to work as before.

slapd is running and answering anonymous queries (like logging in and
checking passwords) from other machines.

>From the slapd host, I can do an ldapsearch (over ssl) and everything
works.  I authenticate as rootdn just fine.

>From a different host, I cant do an ldapsearch; I receive an "invalid
creditionals (49)" error.

I have enabled debugging in ldapsearch and dont see anything
interesting.  The server ssl cert verifies fine.

No config has changed on my client.

I'm thinking its ssl, ipv6, and client cert related or maybe ACLs?

In my slapd.conf file, I've put TLSVerifyClient never

Any suggestions?

slapd is 2.4.26-7.fc16.x86_64

Yes I know I'm running the fedora package.  As soon as I can get the
machine up and running as before I will start migrating.