LinuxQuestions.org
Latest LQ Deal: Latest LQ Deals
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 09-15-2006, 12:01 AM   #1
lnthai2002
Member
 
Registered: Jan 2005
Location: Montreal, QC, CANADA
Distribution: Red Hat Fedora
Posts: 135

Rep: Reputation: 15
Question LDAPS client cannot connect


Hi,
I try to deploy LDAP to do authentication for my LAN. Without encryption(no SSL nor TLS) ldap service works fine. However, adding SSL to the service cause clients not be able to connect to LDAP server for authentication.
My /etc/openldap/slapd.conf is:

Code:
#schema
include         /etc/openldap/schema/core.schema
include         /etc/openldap/schema/cosine.schema
include         /etc/openldap/schema/inetorgperson.schema
include         /etc/openldap/schema/nis.schema
####allow ldapv2 client connection, this is not the default
#allow bind_v2
#loggin options
loglevel 296
pidfile         /var/run/openldap/slapd.pid
argsfile        /var/run/openldap/slapd.args
#TLS options
TLSCipherSuite          HIGH
TLSCertificateFile      /etc/openldap/ssl/slapd-cert.crt
TLSCertificateKeyFile   /etc/openldap/ssl/slapd-key.pem
#Set high security
security ssf=128
#Miscellaneous security option
password-hash   {SSHA}
#default access
defaultaccess   search
#database
database        bdb
#root suffix for direcoty
suffix          "dc=lightportal"
#root DN for admin
rootdn          "cn=Manager,dc=lightportal"
rootpw          {SSHA}DnXPdfdsadfvxczdfgdvxcvoL4vwRJmY
#directory where ldap database is stored
directory       /var/lib/ldap/lightportal/
#ensure that files are read only by their owner
mode    0600
#ACLs to control accessto the directory
#Allow users to authenticate agains and modify their own passwords
access to attrs=userPassword
        by self write
        by * auth
#Allow users to read all non password data
access to *
        by * read

index objectClass                       eq,pres
index ou,cn,mail,surname,givenname      eq,pres,sub
index uidNumber,gidNumber,loginShell    eq,pres
index uid,memberUid                     eq,pres,sub
index nisMapName,nisMapEntry            eq,pres,sub
Port 636 and 389 are already open on server
I am very appreciate any suggestion
Thai
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Look for Direct Connect client nc3b Slackware 1 01-12-2006 04:11 PM
ProFTPd ... FTP client fails to connect: timeout after client sends 'LIST' nutnut Linux - Software 2 01-01-2006 08:09 PM
nxserver - can not connect with client thesonic1 Linux - Software 4 10-27-2005 08:49 AM
can not connect to my pureftp server from Linux client, but i can from windows client bonito SUSE / openSUSE 5 03-16-2005 10:45 PM
direct connect client monohouse Linux - Software 2 12-13-2004 07:59 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 12:10 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration