Hi all!
I'm using Debian Sarge with openldap, samba and TLS. I can't figure out
if TLS
works or not so please help me out here. The certificate verification is OK.
I installed the server looking at the howtos on idealx.org
I can add users, groups and computers to ldap. I've tried with sucess to add
computer to the domain. Now to the point.
When I do a test like:
ldapsearch -x -ZZ -D "cn=admin,dc=dbb,dc=su,dc=se" -W -b '' -s
base
'(objectClass=*)' namingContexts
Everything works only if I have TLSVerifyClient allow or none. If I use
TLSVerifyClient try or demand which generate a "ldap_bind: Can't
contact LDAP
server (81)"
I estimate the server choosed not to use TLS at all
But when I try to make a lookup error in ldap.conf. I change the the HOST from
FQDN to it's ip address.
Now if using "TLSVerifyClient allow" I get a certificate error which
should be
correct. This must also mean that ldapsearch reads correct ldap.conf and
certificate.
I'm very confused here and really need some help.
Peter Nyberg
Institutionen f?r Biokemi och Biofysik (DBB)
Sv.Arrhenius v?gen 12
106 91 Stockholm
Tel: 08-16 24 69
Mobil: 070 339 24 69
Fax 08 153679
