OpenLDAP help?

John Lane lfs at jelmail.com
Thu Feb 10 15:46:12 PST 2005


Hello,

I'm trying to get LDAP working on LFS. I'm posting here in the hope someone
has been through this as I can't find a specific LDAP newsgroup on usenet.

I have LDAP implemented and working along with TLS authentication.

I'm trying to turn off clear text access so authentication is mandatory.

I have noticed that if I do "ldapsearch -ZZ" it connects to port 389, not
port 636 as I would expect. Therefore I cannot turn off the clear text
access as my TLS access uses it.

Any pointers where I'm going wrong? All documentation I've found indicates
that "-ZZ" forces the TLS connection via port 636. I know it is not doing
this, as can be seen from this log:

-bash-2.05b$ ldapsearch -d 1 -ZZ
ldap_create
ldap_extended_operation_s
ldap_extended_operation
ldap_send_initial_request
ldap_new_connection
ldap_int_open_connection
ldap_connect_to_host: TCP blfs.myhost.com:389
ldap_new_socket: 3
ldap_prepare_socket: 3
ldap_connect_to_host: Trying 10.0.0.100:389
ldap_connect_timeout: fd: 3 tm: -1 async: 0
ldap_ndelay_on: 3
ldap_is_sock_ready: 3
ldap_is_socket_ready: error on socket 3: errno: 111 (Connection refused)
ldap_close_socket: 3
ldap_perror
ldap_start_tls: Can't contact LDAP server (-1)
-bash-2.05b$


Any pointers would be very much appreciated.

Thanks,
John
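
An added example, not part of the original post: a small Python reader for a "-d 1" trace like the one above. It reports which port was dialled, whether the first request queued was an extended operation (the way StartTLS is carried on the ordinary LDAP port), and whether the failure happened at TCP connect. The sample trace, its host name and address, and the summarize_trace helper are constructed for illustration.

```python
import re

# Constructed sample shaped like the `ldapsearch -d 1 -ZZ` trace in the post;
# the host name and address are placeholders.
SAMPLE_TRACE = """\
ldap_create
ldap_extended_operation_s
ldap_extended_operation
ldap_send_initial_request
ldap_new_connection
ldap_int_open_connection
ldap_connect_to_host: TCP ldap.example.test:389
ldap_connect_to_host: Trying 192.0.2.10:389
ldap_is_socket_ready: error on socket 3: errno: 111 (Connection refused)
ldap_perror
ldap_start_tls: Can't contact LDAP server (-1)
"""

CONNECT = re.compile(r"^ldap_connect_to_host: TCP (\S+):(\d+)\s*$", re.M)
SOCK_ERR = re.compile(r"errno: (\d+) \(([^)]*)\)")

def summarize_trace(trace):
    """Report target port, TLS mode and failure stage from a libldap trace."""
    result = {"host": None, "port": None, "tls_mode": "unknown",
              "failed_at": None, "errno": None}
    connect = CONNECT.search(trace)
    if connect:
        result["host"], result["port"] = connect.group(1), int(connect.group(2))
        # Heuristic taken from the trace shape above: with -ZZ the first
        # request queued is an extended operation (StartTLS), which is sent
        # on the plain LDAP port and upgrades that same connection.
        if "ldap_extended_operation" in trace[:connect.start()]:
            result["tls_mode"] = "starttls"
        elif result["port"] == 636:
            # Assumption: port 636 is only used for ldaps:// URIs,
            # where TLS starts immediately after the TCP connect.
            result["tls_mode"] = "ldaps"
    err = SOCK_ERR.search(trace)
    if err:
        # A socket errno means the TCP connect itself failed, so no TLS
        # handshake was attempted on that connection.
        result["failed_at"] = "tcp_connect"
        result["errno"] = (int(err.group(1)), err.group(2))
    return result

if __name__ == "__main__":
    for key, value in summarize_trace(SAMPLE_TRACE).items():
        print(f"{key}: {value}")
```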





