[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: [Lam-public] ssl not working with ldap-lam



On Wed, 3 Mar 2004, Xavier Poirier wrote:

> Hi all,
> 
> Hope this message will help some persons here.
> I was about 2 weeks now fighting with OpenLDAP SSL + LAM
> And finally I have found what happen:
> I had two files ldap.conf in my Mandrake9.2 server (don't now why):
> 1- /etc/openldap/ldap.conf
> 2- /etc/ldap.conf
> 
> I was modifing the wrong file !!! (/etc/openldap/ldap.conf) witch was
> not read by the system.
> finally , putting all the SSL options into the good file
> (/etc/ldap.conf), now it work good with LAM.
> 

Yes, this problem was introduced a long time ago, I think by Chris 
Zoffoli (juding by the comments in the spec file), and without adjusting 
the documentation. Now, we have to consider people who have a "broken" 
configuration with openldap directives in /etc/ldap.conf, so this probably 
won't be fixed for 10.0 (since package uploads closed yesterday).

There may be a bug in Mandrake bugzilla for this (it has been discussed on 
cooker-server).

> But, for searching with "ldapsearch" into a console mode in the server  
> The user must have the env variable LDAPTLS_CACERT.
> 

If your server requires authentication via an SSL cert.

> > It works adding "env LDAPTLS_CACERT/path/to/my/cacert.pem"
> ...
> 

Or you can set it in ~/.ldaprc.

> I can go on translate "lam" to french now! °-)

Well, phpLDAPAdmin works well enough IMHO, and the only real feature it 
misses (Samba group memberships) can be done better by User Manager for 
Domains).

And, since there is already a "lam" package in contrib, I can't add it 
anyway:
$ rpm -qip /contrib/SRPMS/lam-7.0.4-2mdk.src.rpm
Name        : lam                          Relocations: (not relocatable)
Version     : 7.0.4                             Vendor: MandrakeSoft
Release     : 2mdk                          Build Date: Tue Mar  2 
16:59:44 2004
Install Date: (not installed)               Build Host: 
n4.mandrakesoft.com
Group       : Development/Other             Source RPM: (none)
Size        : 5727637                          License: BSD
Signature   : DSA/SHA1, Tue Mar  2 19:26:08 2004, Key ID dd684d7a26752624
Packager    : Erwan Velu (erwan@mandrakesoft.com)
URL         : http://www.lam-mpi.org/
Summary     : The LAM (Local Area Multicomputer) programming environment.
Description :


(BTW, this is most likely off-topic for the openldap list ...)