[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Couldn't start TLS

To: Fábio Gomes <flgomes@fazenda.sp.gov.br>
Subject: Re: Couldn't start TLS
From: Norbert Klasen <klasen@zdv.uni-tuebingen.de>
Date: Mon, 12 Feb 2001 11:56:06 +0100
Cc: openldap-software@OpenLDAP.org
Organization: DFN Directory Services, ZDV Uni Tübingen
References: <3A842D01.6A7AB23A@fazenda.sp.gov.br>

Hi Fábio,
>         I have intalled a OpenLDAP with SSL support. Basically to use
> ldapmodify to change passwords in the Windows 2000 Active Directory. But
> when I type something like: ldapmodify -D "binddn" -W -b "dc=domain" -Z
> cn=user , the program send me a message saying that "WARNING: could not
> start TLS".

AD doesn't support the StartTLS extended operation. You have to use LDAP
over SSL (LDAPS, port 636):
ldapmodify -x -H ldaps://ad.example.com -D ...

-- 
Norbert Klasen
DFN Directory Services                           tel: +49 7071 29 70335
ZDV, Universität Tübingen                        fax: +49 7071 29 5912
Wächterstr. 76, 72074 Tübingen              http://www.directory.dfn.de
Germany                             norbert.klasen@zdv.uni-tuebingen.de

References:
- Couldn't start TLS
  - From: Fábio Gomes <flgomes@fazenda.sp.gov.br>

Prev by Date: Compile problem with Head and cyrus SASL
Next by Date: Attribute not allowed when adding mail to person
Index(es):
- Chronological
- Thread