Hi,
I am using openldap-2.4.19-4.x86_64 on fedora 12 machine. I am facing
the 'I have no name !' while I do ssh on client machine(All user info is
getting propagated to client machines properly (checked with getent
passwd,getent passwd and getent shadow)), and this is because I specify no
Hello,
I compiled 2.4.28 and I'm trying to recreate the issue with that version
but I've run into two other issues that are causing slapd to crash in the
meantime. I compiled with the following options:
./configure --enable-ldap --enable-meta
--prefix=/opt/local/openldap-2.4.28 --enable-dynlist
Hi,
I am using openldap-2.4.19-4.x86_64 on fedora 12 machine. I have enabled
openldap SSL/TLS. How do I know (test) that I am using SSL/TLS connections
instead of normal ldap:///?
--
Thanks Regards,
Jayavant Ningoji Patil
Engineer: System Software
Computational Research Laboratories Ltd.
I prefer to define specific access like :
Reader anonymous can only auth,
user after authentification can read and modify
And i don't want to enter the cn=admin user password into client software,
so i try to create a cn=redmine-user which i can use to bind with redmine
ldap authentification,
With the option -ZZ i think, try this
ldapsearch -x -LLL -ZZ -d 150
On Mon, Dec 12, 2011 at 11:21 AM, Jayavant Patil jayavant.pati...@gmail.com
wrote:
Hi,
I am using openldap-2.4.19-4.x86_64 on fedora 12 machine. I have enabled
openldap SSL/TLS. How do I know (test) that I am using
To run with tls or die, ldapsearch -ZZ (man ldapsearch for explanation)
You could make the server require clients use tls and finally run
tcpdump / wireshark with and without tls and see if you can see
results in plaintext
Mark
On 12 Dec 2011, at 10:40 a.m., Jayavant Patil
Am Mon, 12 Dec 2011 11:48:35 +0100
schrieb reyman reyma...@gmail.com:
I prefer to define specific access like :
Reader anonymous can only auth,
user after authentification can read and modify
And i don't want to enter the cn=admin user password into client
software, so i try to create a
Hi,
On Mon, Dec 12, 2011 at 4:19 PM, reyman reyma...@gmail.com wrote:
With the option -ZZ i think, try this
ldapsearch -x -LLL -ZZ -d 150
Yeah, It shows output containing ber_dump, ldap_write,ldap_read, tls_write,
tls_read etc. But at the end is shows the following:
TLS certificate
Hi list,
Because of a concern to modify our ldap environment I need to extend the
scheme. The attribute I need is vacationActive and some other attributes
which I didn't find in the existing OpenLDAP schemes.
My question to you is, if I need to get a registered OID for our company to
You have a self signed certificate, so you don't need to verify your
certificate.
When you activate the tls on ldap, you only need this two lines, and you
don't need the line with certificate verification* olcTLSCACertificateFile
: *
dn: cn=config
add: olcTLSCertificateFile
olcTLSCertificateFile:
Hello,
I have a web application that doesn't work with openldap 2.4.21. The
same application is working with an old openldap 2.3.30.
The problem I have is that for some reason this application performs a
search with an undefined filter, the error I get in normal run is:
Dec 12 13:26:47
I had a medium-size post describing some problems I'm having with an
N-Way setup with 2.4.28, but I saw a post from Quanah that sent me in a
new direction so I'm doing some more testing before whining about *that*
problem...
But meanwhile... can anyone tell me if seeing errors like the
Hrm... my previous post seems to have gone MIA, hopefully this one won't
do the same.
I have a pair of servers running 2.4.28 built with BerkeleyDB 5.2.36, in
a multi-master setup. I was having issues with synchronization (namely,
it wasn't syncing) and decided to rebuild the second server.
On 1 November 2011 11:53, John Tobin jto...@po-box.esu.edu wrote:
Certificates verify.
That's a neat tool, put that information somewhere useful.
I had been trying to prove that the certificates were good for a long time.
I changed from nscd, to nslcd by installing via yast, nss-pam-ldapd
Dear Jaun,
Actually I am just getting back to it.
This is finals week. Things will get quiet enough this week that I could
pursue it.
And no, I never got it to work, I had it traced via log entries, and was
going to compare the traces [ldapsearch works with -ZZ, vs. through the ldap
client under
On Mon, Dec 12, 2011 at 05:01:53PM +0100, Denis Witt wrote:
On 12.12.2011 16:44, Craig White wrote:
I am using openldap-2.4.19-4.x86_64 on fedora 12 machine. I am facing
the 'I have no name !' while I do ssh on client machine(All user info is
getting propagated to client machines
On Dec 12, 2011, at 9:01 AM, Denis Witt wrote:
On 12.12.2011 16:44, Craig White wrote:
I am using openldap-2.4.19-4.x86_64 on fedora 12 machine. I am facing
the 'I have no name !' while I do ssh on client machine(All user info is
getting propagated to client machines properly (checked
reyman wrote:
You have a self signed certificate,
Correct.
so you don't need to verify your certificate.
When you activate the tls on ldap, you only need this two lines, and you don't
need the line with certificate verification*olcTLSCACertificateFile : *
Wrong.
RTFM.
Brandon Hume wrote:
I had a medium-size post describing some problems I'm having with an
N-Way setup with 2.4.28, but I saw a post from Quanah that sent me in a
new direction so I'm doing some more testing before whining about *that*
problem...
But meanwhile... can anyone tell me if seeing
On Mon, Dec 12, 2011 at 10:26:16AM -0800, Howard Chu wrote:
Brandon Hume wrote:
I had a medium-size post describing some problems I'm having with an
N-Way setup with 2.4.28, but I saw a post from Quanah that sent me in a
new direction so I'm doing some more testing before whining about *that*
Hello,
I'm trying to grok Mozilla NSS prior to deploying Openldap 2.4.23 on RHEL 6.2.
I've been working through creating a self-signed cert and I think I have one
that works. At least, if I do:
[root@animal ~]# certutil -d /etc/pki/nssdb/ -L
Certificate Nickname
Le 12/12/2011 19:24, Howard Chu a écrit :
reyman wrote:
You have a self signed certificate,
Correct.
so you don't need to verify your certificate.
When you activate the tls on ldap, you only need this two lines, and
you don't
need the line with certificate
--On Monday, December 12, 2011 2:29 PM -0500 Aaron Bennett
abenn...@clarku.edu wrote:
Hello,
I'm trying to grok Mozilla NSS prior to deploying Openldap 2.4.23 on RHEL
6.2. I've been working through creating a self-signed cert and I think I
have one that works. At least, if I do:
What am I
rey sebastien wrote:
Le 12/12/2011 19:24, Howard Chu a écrit :
reyman wrote:
You have a self signed certificate,
Correct.
so you don't need to verify your certificate.
When you activate the tls on ldap, you only need this two lines, and you don't
need the line with certificate
On 12.12.2011 21:55, rey sebastien wrote:
Le 12/12/2011 21:07, Howard Chu a écrit :
rey sebastien wrote:
Le 12/12/2011 19:24, Howard Chu a écrit :
reyman wrote:
You have a self signed certificate,
Correct.
so you don't need to verify your certificate.
When you activate the tls on ldap,
--On Monday, December 12, 2011 9:55 PM +0100 rey sebastien
reyma...@gmail.com wrote:
IMHO i know this problem but i think this is better than nothing, and
actually i have nothing. I wait for valid certificate...
And sorry but your RTFM answer doesn't help me to resolve this problem
with gnutls
Le lun. 12 déc. 2011 22:20:14 CET, Quanah Gibson-Mount a écrit :
--On Monday, December 12, 2011 9:55 PM +0100 rey sebastien
reyma...@gmail.com wrote:
IMHO i know this problem but i think this is better than nothing, and
actually i have nothing. I wait for valid certificate...
And sorry but
Hello Sir,
I'm Brajabasi from india. I wanted to use OpenLDAP for my project. I found
OpeLDAP( Java version and C version)
1) OpenLDAP(Java version) compliant to RFC 2251-2256,2829-2830
2) OpenLDAP(C version) compliant ti RFC 4511-RFC 4520
RFC 4511 is the latest RFC which obseletes the
Hello Sir,
I'm Brajabasi from india. I wanted to use OpenLDAP for my project. I found
OpeLDAP( Java version and C version)
1) OpenLDAP(Java version) compliant to RFC 2251-2256,2829-2830
2) OpenLDAP(C version) compliant ti RFC 4511-RFC 4520
RFC 4511 is the latest RFC which obseletes the
29 matches
Mail list logo