[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: TLS with Active Directory

To: Quanah Gibson-Mount <quanah@stanford.edu>
Subject: Re: TLS with Active Directory
From: Matthew Smith <mps@getbusi.com>
Date: Wed, 24 Mar 2004 12:40:03 +1100
Cc: openldap-software@OpenLDAP.org
Content-disposition: inline
In-reply-to: <2093876415.1079973135@cadabra.stanford.edu>
References: <200403231017.28887.mps@getbusi.com> <2093876415.1079973135@cadabra.stanford.edu>
User-agent: KMail/1.5

On Tue, 23 Mar 2004 11:32 am, Quanah Gibson-Mount wrote:
> It sounds more like you haven't told OpenLDAP to trust the AD server's CA.
> You might want to look at 'man ldap.conf' and pay particular attention to
> the TLS_CACERT directive.
>
> You can also give a -d -1 option to the OpenLDAP binary you are using to
> connect to AD with to see what it says.

Thanks, I reinstalled windows 2000, and it is now going without needing the 
TLS_CACERT... I also changed my dns settings which might have helped.

The -d -1 option was very handy though.

Now to get the same result using python-ldap :)

Cheers

Matt Smith

Follow-Ups:
- Re: TLS with Active Directory
  - From: Michael Ströder <michael@stroeder.com>

References:
- TLS with Active Directory
  - From: Matthew Smith <mps@getbusi.com>
- Re: TLS with Active Directory
  - From: Quanah Gibson-Mount <quanah@stanford.edu>

Prev by Date: Re: SASL/GSSAPI not working
Next by Date: Re: SASL/GSSAPI not working
Index(es):
- Chronological
- Thread