[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: Configuring LDAP and SSL



> -----Original Message-----
> From: owner-openldap-software@OpenLDAP.org
> [mailto:owner-openldap-software@OpenLDAP.org]On Behalf Of Jatin Nansi

> Hi,
> 
> I am trying to set up OpenLDAP having secure connectivity with 
> clients and other LDAP servers.
> 
> I am following the docs at:
> ftp://kalamazoolinux.org/pub/pdf/ldapv3.pdf and 
> http://www.bayour.com/LDAPv3-HOWTO.html
> (great stuff both:))
> 
> but I seem to be getting stuck. 
> 
> Basically I am trying to configure SSL but without Kerberos, 
> since all I want
> is to have secure communication.
> Now I have the server running on both 389 and 636 ports. If I try 
> to connect
> using openssl and check for certs (as in the above pdf), I can 
> see the certs
> I created. 
> 
> But whenever I try to search without the -x option, I get:
> 
> ldap_sasl_interactive_bind_s: No such attribute

Stop trying to search without the -x option then.

> OR
> 
> is it that the connection to port 636 is encrypted with -x also
> and I need to configure kerberos (GSSAPI) for this to work? 
> I am getting confused here...
> 
> so where could I be going wrong?
> 
> Thanks for any directions...

The -x option turns off SASL and forces plain old Simple Authentication.
It has nothing to do with encryption.

  -- Howard Chu
  Chief Architect, Symas Corp.       Director, Highland Sun
  http://www.symas.com               http://highlandsun.com/hyc
  Symas: Premier OpenSource Development and Support