search for: openldap

--------------------------------------------------------------------- Red Hat, Inc. Red Hat Security Advisory Synopsis: Updated OpenLDAP packages available for Red Hat Linux 6.2, 7, and 7.1 Advisory ID: RHSA-2001:098-05 Issue date: 2001-07-17 Updated on: 2001-08-09 Product: Red Hat Linux Keywords: openldap cert ber Cross references: Obsoletes: RHSA-2000:105 ---------------------------...

Hello guys, actually I'm trying to configure dovecot to access openldap for passwordcheck. My openldap is only allow access over "secure ldap". The dovecot can communicate with the openldap server but there is maybe a failure in the sslhandshake. Additional information you can find in the logs or in the dump below. Also I have my ldap config from dovecot in...

Hello, I have also installed LE certs. But nothing helps, I have double-checking all certs. ldapsearch with -ZZ works see: https://gwarband.de/openldap/ldapsearch.log I have also uploaded the TLSCACertificateFile, maybe I have a failure in the merge of the two fiels: https://gwarband.de/openldap/LetsEncrypt.crt And also I have uploaded my complete openldap configuration: https://gwarband.de/openldap/openldap.conf All other components can work...

I've replicate the settings from ldapsearch to dovecot but no success. To the certificate: Yes it's a *.crt file but I have linked the *.pem file to it and dovecot has read access to that file. I have enabled the debugging in dovecot and have uploaded the output: https://gwarband.de/openldap/dovecot-connect.log And the other site with ldapsearch: https://gwarband.de/openldap/ldapsearch-connect.log I'm pretty sure that there is a problem with the sslhandshaking between openldap and dovecot, but I can't find the source of the problem. One of the steps in the sslhandshaking is...

The serverlog of openldap with loglevel "any": https://gwarband.de/openldap/openldap-connect.log Note: openldap waits 1 Minute before he says "TLS negotiation failure" after the connect. and dovecot says direct "Connect error" I've also delete the TLSCipherSuite from openldap. Tobias Am...

...r. I've tested all combinations of: - tls_ca_cert_file = <cert> - tls = yes - tls_require_cert = demand Every time it says "Connection error". Only when tls is uncommented it says "TLS required". Additional information from my contact with the openldap-technical mailing list: The ldapsearch under the user dovecot with -ZZ works fine. And they mention that the ldap.conf and dovecot-ldap.conf should have no differences, that is correct no differences. Here is a link to the ldap.conf https://gwarband.de/openldap/ldap.conf And the output of ldapsea...

I am spoiled with Yum: never have had a dependency problem until today. Can this be resolved: ---> Downloading header for compat-openldap to pack into transaction set. compat-openldap-2.3.27_2. 100% |=========================| 30 kB 00:00 ---> Package compat-openldap.i386 0:2.3.27_2.2.29-4.el4.centos set to be updated --> Running transaction check --> Processing Dependency: libmysqlclient.so.14(libmysqlclient_14) for p...

...ce-request at centos.org You can reach the person managing the list at centos-announce-owner at centos.org When replying, please edit your Subject line so it is more specific than "Re: Contents of CentOS-announce digest..." Today's Topics: 1. CESA-2015:1840 Important CentOS 5 openldap Security Update (Johnny Hughes) 2. CESA-2015:1840 Important CentOS 6 openldap Security Update (Johnny Hughes) 3. CESA-2015:1840 Important CentOS 7 openldap Security Update (Johnny Hughes) 4. [Infra] dev.centos.org redirection (Fabian Arrotin) ---------------------------...

I am getting the following error when doing "yum -y install openldap-clients". The machine is still on 5.2 and not 5.3. I dont wish to disturb the machine that much at this time. Is there no easy way to install openldap-clients? Jerry ------------ Loading "installonlyn" plugin Setting up Install Process Setting up repositories Reading repository...

...imes out on validating provided certificate with imap-login: Error: Timeout waiting for handshake from auth server. imap-login: Disconnected: Auth process broken (disconnected before auth was ready, waited 30 secs) Tomas On 03/18/2017 02:22 PM, info at gwarband.de wrote: > The serverlog of openldap with loglevel "any": > https://gwarband.de/openldap/openldap-connect.log > Note: openldap waits 1 Minute before he says "TLS negotiation failure" > after the connect. > and dovecot says direct "Connect error" > > I've also delete the TLSCipherSui...

First, I'll just say this is a question principally about the arcane mysteries of Samba to OpenLDAP authentication. I've had Samba to OpenLDAP authentication running for a while now using the samba.schema and the ldapsam module. Now I'd like to understand a bit more about how that works in order to take it a step further and get openLDAP to bind against a Kerberos database via SASL....

Increase log level on server side as well to see what the server says... You may remove anything in TLSCipherSuite for the purpose of testing too. Hopefully anyone knowing OpenLDAP internals could help you analyse it more deeply. Tomas On 03/18/2017 01:31 PM, info at gwarband.de wrote: > I've replicate the settings from ldapsearch to dovecot but no success. > To the certificate: > Yes it's a *.crt file but I have linked the *.pem file to it and dovecot >...

...havior (timeout with connection error) only if Dovecot's tls_ca_cert_file provided either non-existent file or there was no read access to the existing file -- found during review after sending my last post as I run CentOS, not Debian and didn't adjust the path correctly (/etc/ldap vs. /etc/openldap) in dovecot-ldap.conf when setting that up. Anyway, ldapsearch uses the same library as Dovecot so if ldapsearch works, Dovecot _simply_ must work as well ;) As mentioned, I normally run CentOS, where /etc/ssl/certs has SELinux security context; don't you by any chance run something similar w...

Hello pine 4.64 on CentOS 5 I have successfully compiled 4.64 with SSL and it works fine. However, I like to add LDAP feature. I am having trouble with compiling it with LDAP. I built the latest stable openldap-2.3.38 I did include this when I built openldap: ./configure --with-cyrus-sasl Compile process gives me these errors below. Any clue as what I may be doing wrong? Thanks, Farid /p1/fh/openldap-2.3.38/libraries/libldap/cyrus.c:88: undefined reference to `sasl_version' /p1/fh/openlda...

Well, if ldapsearch works, try to replicate its settings for dovecot client. It's not obvious what settings ldapsearch uses, have a look at default client settings in /etc/openldap/ldap.conf, there may be something set a slightly different way. Also double check permissions for files used by dovecot, I mean mainly the file listed for tls_ca_cert_file as dovecot may not have an access for reading... I cannot see anything downright bad, just posted CA cert (which is ok, tested...

Hi, We are (still) mainly using CentOS 5 (5.8 x86_64). As CentOS / EL 5 standard OpenLDAP packages are rather old (2.3.x), we've been using LTB OpenLDAP packages ( http://ltb-project.org/wiki/download#openldap), which get installed in non-standard file system locations. I am not much experienced in building RPMs and preparing spec files. We are currently using dovecot RPM packag...

-----BEGIN PGP SIGNED MESSAGE----- - --------------------------------------------------------------------- Red Hat, Inc. Security Advisory Synopsis: New openldap packages. Advisory ID: RHSA-2000:012-05 Issue date: 2000-04-13 Updated on: 2000-04-21 Product: Red Hat Linux Keywords: openldap startup symlink overwrite denial Cross references: N/A - --------------------------------------------------------------------- 1....

Hello! I just joined this mailing list, so I apologize in advance if this topic has already been covered. Red Hat and Suse announced they are no longer supporting OpenLDAP in future releases. https://www.ostechnix.com/redhat-and-suse-announced-to- withdraw-support-for-openldap/ However, we mainly use CentOS and while it's a RH derivative, I wanted to find out what CentOS plans on doing in this regard. Will you continue to include OpenLDAP or will it simply be re...

Hi List, I'm currently setting up an openldap server and included the following lines in my slapd.conf : modulepath /usr/lib/ldap moduleload back_hdb after finishing up my config and i run slaptest on it i get an error saying that the modulepath doesn't exist. I checked and it indeed isn't there , in fact i can find it anywhere on my s...

...ty Advisory 2015:1840 Important Upstream details at : https://rhn.redhat.com/errata/RHSA-2015-1840.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386: cc181bbfac7f8256afb84c7345aeeabe02967ce32d0b19980e3d10ab7eff941d compat-openldap-2.3.43_2.2.29-29.el5_11.i386.rpm b22b59b70a24b9d81e3636dd64c13bcb31837d0fc585e8d40d3c42b09addc982 openldap-2.3.43-29.el5_11.i386.rpm 3071dbeb025e46da4b8ebb3cf697871525e0ff3f319c062f989d6538b4b6a3d3 openldap-clients-2.3.43-29.el5_11.i386.rpm f42c1033d9c8749d85358d8ed2636c5f43a06bc15561dca4d00adc69...