
SSL authentication to Active Directory via OpenLDAP client



I have set up Active Directory to serve requests over SSL (ldaps://). Also, I have generated the certificate files on Windows 2008 server. 

(I have copied the self-signed certificate to test.cer)

I have downloaded the test.cer file to my Linux machine to use it with the OpenLDAP client.

The .cer file is present in the /etc/openldap/certs directory and the content of the ldap.conf file is:

TLS_CACERTDIR   /etc/openldap/certs

However, when I issue an ldapsearch on the Active Directory I end up with the following error:

ldapsearch -x -H ldaps://192.168.1.84:636 -D CN=Administrator,CN=Users,DC=test,DC=ldap,DC=com -b CN=Administrator,CN=Users,DC=test,DC=ldap,DC=com -w Admin123

ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1)

My question:
1) Is this how I use my *.cer file?
2) How do I convert it to a proper file recognized by OpenLDAP clients?
3) What am I missing? (Very new to LDAP and Active Directory)
4) Any useful resource or documentation to get ldaps working?

Thanks. 

--
Ashwin kumar
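
Added example, not part of the original post: one way to turn a Windows-exported .cer (DER or Base-64) into a PEM file and place it in a CA directory under its subject-hash name. It assumes an OpenLDAP client built against OpenSSL, which reads PEM and looks up TLS_CACERTDIR entries by hash-named files; the function names and the ad-ca.pem file name are hypothetical.

```shell
#!/bin/sh
# Added example. Function names and "ad-ca.pem" are hypothetical.

# to_pem SRC DST: write the certificate in SRC to DST as PEM.
# Accepts either encoding the Windows export wizard can produce
# (DER binary or Base-64/PEM). Returns 1 if SRC is not a certificate.
to_pem() {
    src=$1 dst=$2
    if openssl x509 -in "$src" -inform PEM -noout 2>/dev/null; then
        openssl x509 -in "$src" -inform PEM -outform PEM -out "$dst"
    elif openssl x509 -in "$src" -inform DER -noout 2>/dev/null; then
        openssl x509 -in "$src" -inform DER -outform PEM -out "$dst"
    else
        echo "to_pem: $src is not an X.509 certificate" >&2
        return 1
    fi
}

# install_ca SRC DIR: store SRC in DIR as ad-ca.pem and create the
# <subject-hash>.0 symlink that an OpenSSL CA directory lookup expects.
# Prints the path of the symlink.
install_ca() {
    src=$1 dir=$2
    to_pem "$src" "$dir/ad-ca.pem" || return 1
    hash=$(openssl x509 -in "$dir/ad-ca.pem" -noout -hash) || return 1
    ln -sf ad-ca.pem "$dir/$hash.0"
    echo "$dir/$hash.0"
}

# show_cert FILE: print subject, issuer and expiry so the name in the
# certificate can be compared with the host name used in the ldaps:// URL.
show_cert() {
    openssl x509 -in "$1" -noout -subject -issuer -enddate
}
```

With the PEM file in place, ldap.conf can also point at it directly with TLS_CACERT instead of relying on the directory lookup.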