[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: [Lam-public] ssl not working with ldap-lam
On Wed, 3 Mar 2004, Xavier Poirier wrote:
> Hi all,
>
> Hope this message will help some persons here.
> I was about 2 weeks now fighting with OpenLDAP SSL + LAM
> And finally I have found what happen:
> I had two files ldap.conf in my Mandrake9.2 server (don't now why):
> 1- /etc/openldap/ldap.conf
> 2- /etc/ldap.conf
>
> I was modifing the wrong file !!! (/etc/openldap/ldap.conf) witch was
> not read by the system.
> finally , putting all the SSL options into the good file
> (/etc/ldap.conf), now it work good with LAM.
>
Yes, this problem was introduced a long time ago, I think by Chris
Zoffoli (juding by the comments in the spec file), and without adjusting
the documentation. Now, we have to consider people who have a "broken"
configuration with openldap directives in /etc/ldap.conf, so this probably
won't be fixed for 10.0 (since package uploads closed yesterday).
There may be a bug in Mandrake bugzilla for this (it has been discussed on
cooker-server).
> But, for searching with "ldapsearch" into a console mode in the server
> The user must have the env variable LDAPTLS_CACERT.
>
If your server requires authentication via an SSL cert.
> > It works adding "env LDAPTLS_CACERT/path/to/my/cacert.pem"
> ...
>
Or you can set it in ~/.ldaprc.
> I can go on translate "lam" to french now! °-)
Well, phpLDAPAdmin works well enough IMHO, and the only real feature it
misses (Samba group memberships) can be done better by User Manager for
Domains).
And, since there is already a "lam" package in contrib, I can't add it
anyway:
$ rpm -qip /contrib/SRPMS/lam-7.0.4-2mdk.src.rpm
Name : lam Relocations: (not relocatable)
Version : 7.0.4 Vendor: MandrakeSoft
Release : 2mdk Build Date: Tue Mar 2
16:59:44 2004
Install Date: (not installed) Build Host:
n4.mandrakesoft.com
Group : Development/Other Source RPM: (none)
Size : 5727637 License: BSD
Signature : DSA/SHA1, Tue Mar 2 19:26:08 2004, Key ID dd684d7a26752624
Packager : Erwan Velu (erwan@mandrakesoft.com)
URL : http://www.lam-mpi.org/
Summary : The LAM (Local Area Multicomputer) programming environment.
Description :
(BTW, this is most likely off-topic for the openldap list ...)