søn, 2002-08-25 kl. 15:18 skrev Stephen Torri: > On Sat, 2002-08-24 at 23:09, Kurt D. Zeilenga wrote: > > You might try enabling some debugging output... > > Most likely the problem is TLS certificate related. > > And likely unrelated to Kerberos. If, as Kurt has pointed out, this is a certificate-related problem (which in my own experience mostly similar problems are), the you won't yet have enough knowledge to know what the slapd debugging output means. The best choice for this is '-d 5', but all you'll see is that there is no ldapbind, not why. To see exactly what is going on, you can best compile, run and learn Ethereal: This is a packet sniffer, with which you can see the exact content of each packet exchanged, both with and without ecncryption. Though again, you'd have to know what to expect of the contents of an IP packet. The best thing you can do is to make sure that your signed certificate(s) is/are declared in both slapd.conf (man slapd.conf) and ldap.conf (man ldap.conf) are readable by whichever user is running ldapsearch. See Peter A. Savitch's posting of 10th August last for a complete HOWTO on this last point. Best, Tony -- Tony Earnshaw The usefulness of RTFM is vastly overrated. e-post: tonni@billy.demon.nl www: http://www.billy.demon.nl gpg public key: http://www.billy.demon.nl/tonni.armor Telefoon: (+31) (0)172 530428 Mobiel: (+31) (0)6 51153356 GPG Fingerprint = 3924 6BF8 A755 DE1A 4AD6 FA2B F7D7 6051 3BE7 B981 3BE7B981
Attachment:
signature.asc
Description: Dette er en digitalt signert meldingsdel