[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Using TLS connecting to a AD server. openldap2.4.42

To: Don jessup <djessup72@yahoo.com>, openldap-technical@openldap.org
Subject: Re: Using TLS connecting to a AD server. openldap2.4.42
From: Quanah Gibson-Mount <quanah@symas.com>
Date: Sat, 09 Sep 2017 16:03:58 -0700
Content-disposition: inline
In-reply-to: <WM!397d278a8743224aa5f4a5c0b3fe682259437befb38ee1bb0566ec0c36f8d9cb83b041ec332aa5344ef1102a84e08108!@mailstronghold-1.zmailcloud.com>
References: <562266727.5579513.1504892914660.ref@mail.yahoo.com> <562266727.5579513.1504892914660@mail.yahoo.com> <WM!397d278a8743224aa5f4a5c0b3fe682259437befb38ee1bb0566ec0c36f8d9cb83b041ec332aa5344ef1102a84e08108!@mailstronghold-1.zmailcloud.com>

--On Friday, September 08, 2017 6:48 PM +0000 Don jessup<djessup72@yahoo.com> wrote:

int reqcert = LDAP_OPT_X_TLS_NEVER;
ldap_set_option (ld, LDAP_OPT_X_TLS_REQUIRE_CERT, &reqcert);

Is there way to make this work programmatically without using the
ldap.conf?


Yes.  The problem is the TLS options generally have to be set globally.

You might want to look at<https://github.com/quanah/openldap-scratch/commit/59dbb01122ad92ef2a6e05cc3642355ab85d6103>


--Quanah


--

Quanah Gibson-Mount
Product Architect
Symas Corporation
Packaged, certified, and supported LDAP solutions powered by OpenLDAP:
<http://www.symas.com>

Follow-Ups:
- Re: Using TLS connecting to a AD server. openldap2.4.42
  - From: Michael Ströder <michael@stroeder.com>

References:
- Using TLS connecting to a AD server. openldap2.4.42
  - From: Don jessup <djessup72@yahoo.com>

Prev by Date: Re: pcache overlay, caching DNs
Next by Date: Invalid credentials problem
Index(es):
- Chronological
- Thread