TLS Configurations with OpenLDAP-2.4.23 on CentOS-6.2 --- Low Sensitivity/Aerospace Internal Use Only
- To: openldap-technical@openldap.org
- Subject: TLS Configurations with OpenLDAP-2.4.23 on CentOS-6.2 --- Low Sensitivity/Aerospace Internal Use Only
- From: Warron S French <Warron.S.French@aero.org>
- Date: Wed, 18 Dec 2013 09:09:27 -0500
Low Sensitivity/Aerospace Internal Use Only
Hello, I need help figuring out why I can't get CentOS-6.2 machines to authenticate against my OpenLDAP implementation where user and group entries are stored.

I can use ldapsearch and get back the results I am expecting, but I don't know where in my long list of configurations I might have gone wrong, or left something else out. All of my instructions have been based on reading several (easily 20) other people's pages for configuring an LDAP DIT for the explicit purpose of centralizing USER AUTHENTICATION.

I can submit my MS Word document that I used to keep track of the steps that I used thus far. I am writing up the instructions so that I can repeat them in the hopes of building a small development environment for my coworkers.

In my environment I have all CentOS-6.4 OS virtual machines that I am running inside of my PC running Oracle VirtualBox. I am attempting to keep them entirely isolated from the network, so I have a dedicated DNS server, a dedicated CA server and a dedicated LDAP server. Their names, respectively, can be wsf-LabDNS, wsf-LabCA and wsf-LabLDAP.

I wrote a script that automates the creation of an LDIF file so that the same script can turn around and add records (DNs) using ldapadd.

I have CA certificates for my DNS, CA and LDAP servers, and my CA is a self-signed CA. My DNS and LDAP servers' certificates are signed by my CA.

I am attempting to use my DNS and CA servers as LDAP-USER-AUTH clients against my LDAP server. CentOS requires the use of TLS certificates.

I cannot get user authentication to work no matter what I have done over the past 4 months. I have a user account I created, called wsf29221, that I am using to test against LDAP.

I used yum to install all of my packages, meaning I did not compile anything from scratch. I am using all of the OpenLDAP-2.4.23-32.el6_4.1.

The commands I am attempting are:

    su - wsf29221
    id wsf29221
    ssh wsf29221@wsf-LabDNS (from wsf-LabCA)

I am pretty sure my problem is in the TLS configuration, but I don't really know what to look at or even where to start.

Warron French, MBA, SCSA
Attachment:
Directory Server Setup.docx
Description: Binary data