[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: OpenLdap 2.0.3 using TLS or ldaps with OpenSSL certificates



At 09:30 AM 9/19/00 -0400, dbroady@lexmark.com wrote:
>I turned on debug for the ldapsearch client and could see that it was getting
>back:
>     ldap_interactive_sasl_bind_s:  server supports:  PLAIN
>     ldap_int_sasl_bind:  PLAIN
>     ldap_perror
>     ldap_sasl_interactive_bind_s:  Unknown authentication method

The client default configuration is "noanon,noplain" (for security
and LDAPv3 conformance reasons).  You can adjust the SASL security
properties of most command line tools using the -O option.  Note
that available options changes if peers detect appropriate security
services.

>Am I missing a command line argument to ldapsearch so that it can use TLS (or
>ldaps) to connect to the slapd properly.  Any help would be greatly appreciated.

You use StartTLS, use the -Z option.
To use LDAPS, use -H ldaps://...

Kurt