[Date Prev][Date Next] [Chronological] [Thread] [Top]

'Operations error' possible from self signed cert?



Hi,

I have a working (I think) LDAP proxy using TLS between other systems
and our Active Directory. I am though slightly confused as to why when
the proxy is working it is generating the following operations error
messages.

An example of the query and response:

ldapsearch   -x -LLL  "(cn=ta99)" -D "CN=ldapproxy,OU=Service
Accounts,DC=myad,DC=canterbury,DC=ac,DC=uk" -w password -Z
ldap_start_tls: Operations error (1)
        additional info: TLS already started
dn: cn=ta99,ou=Test Accounts,ou=OU
Canterbury,dc=myad,dc=canterbury,dc=ac,
 dc=uk
cn: ta99
SAMACCOUNTNAME: ta99

#
refldaps://ForestDnsZones.myad.canterbury.ac.uk/DC=ForestDnsZones,DC=cca
d,D
 C=canterbury,DC=ac,DC=uk

#
refldaps://ccad.canterbury.ac.uk/CN=Configuration,DC=myad,DC=canterbury,
DC=
 ac,DC=uk

#
refldaps://DomainDnsZones.ccad.canterbury.ac.uk/DC=DomainDnsZones,DC=mya
d,D
 C=canterbury,DC=ac,DC=uk

#
refldaps://ccad.canterbury.ac.uk/CN=Schema,CN=Configuration,DC=myad,DC=c
ant
 erbury,DC=ac,DC=uk

Operations error (1)


Note that the response LDIF has been filtered somewhat via use of the
rwm overlay and this is deliberate. My concern though is the 'Operations
error (1)' at the beginning and end of the operation.  I *think* that
this is because I am using a self signed cert which I am politely
allowing though (TLS_REQCERT allow) - but would like to be sure that
this is the cause of the error before I have to start getting things up
on a real server with a properly trusted certificate and appropriate
chain.

Many thanks

Paul