
Re: tls, pam_ldap and /etc/passwd



On Thursday 25 April 2002 15:38, Dan Parker wrote:
> Did you have /etc/ldap.conf?  I believe on Red Hat /etc/ldap.conf is
> the configuration file for pam_ldap and nss_ldap.  On Debian it is split
> between /etc/libnss-ldap.conf and /etc/pam_ldap.conf.
>
> Where did you find information about tls_ciphers and tls_checkpeer?
> I've never seen those before...

/etc/ldap.conf is present.  I've been using authconfig to set up the LDAP
settings.  It appears to edit /etc/ldap.conf.  Rather than "ssl on", it
adds a command called "ssl start_tls".  I've tried changing it to "ssl on"
with no results.

As to where I found the other settings, I see those commented in the 
/etc/ldap.conf file.  I saw a reference to that setting on a random 
discussion archive page during my research.

I would be happier if I was getting error messages saying there was an LDAP 
connection failure.  But all I'm getting is "illegal user" messages in 
/var/log/secure.  

BTW, if I have TLS activated, and a user reference in /etc/passwd, it will allow
me to log in the user with the LDAP password.

Regards.

Christopher Walden
Austin, TX