[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: tls, pam_ldap and /etc/passwd

To: openldap-software@OpenLDAP.org
Subject: Re: tls, pam_ldap and /etc/passwd
From: Christopher Walden <cmwalden@mythmade.com>
Date: Thu, 25 Apr 2002 15:47:44 -0500

On Thu, 25 Apr 2002, Christopher Walden wrote:
> On Thursday 25 April 2002 12:30, Dan Parker wrote:
> > It's requiring this because pam_ldap isn't talking to your LDAP server
> > over TLS.  Have you setup ssl support in /etc/ldap.conf?
>
> I did not initially have a pam_ldap.conf file.  Based on other information,
> I created one with the following:
>
>    ssl on
>    tls_ciphers  HIGH:MEDIUM:+SSLv2:RSA
>    tls_checkpeer no
>
> However, I don't know for sure if this file is being accessed.  I find it
> curious that it was not installed and is not mentioned in the
> nss_ldap/pam_ldap docs.

Did you have /etc/ldap.conf?  I believe on Red Hat /etc/ldap.conf is
the configuration file for pam_ldap and nss_ldap.  On Debian it is split
between /etc/libnss-ldap.conf and /etc/pam_ldap.conf.

Where did you find information about tls_ciphers and tls_checkpeer?
I've never seen those before...

Dan

Prev by Date: web500gw
Next by Date: change a schema.
Index(es):
- Chronological
- Thread