On Sun, May 21, 2006 at 02:17:04PM -0500, Steve Langasek wrote:
> On Sun, May 21, 2006 at 07:25:38PM +1000, Alexander Samad wrote:
> > Package: sudo-ldap
> > Version: 1.6.8p12-4
> > Severity: grave
> > Justification: renders package unusable
> >
> > I have set up sudo-ldap to use the local ldap db. My /etc/ldap/ldap.conf
> > has
> >
> > uri ldap://127.0.0.1
> >
> > when I change this to
> >
> > uri ldaps://hufpuf.lan1.hme1.samad.com.au
> >
> > it fails and I get with debugging turned on
> >
> > LDAP Config Summary
> > ===================
> > uri ldaps://hufpuf.lan1.hme1.samad.com.au
> > ldap_version 3
> > sudoers_base ou=SUDOers,dc=samad,dc=com,dc=au
> > binddn (anonymous)
> > bindpw (anonymous)
> > ssl (no)
> > ===================
> > ldap_initialize(ld,ldaps://hufpuf.lan1.hme1.samad.com.au)
> > ldap_set_option(LDAP_OPT_PROTOCOL_VERSION,0x03)
> > ldap_simple_bind_s()=81 : Can't contact LDAP server
>
> Why do you say that this is a sudo-ldap bug? What tests have you done to
> verify that this isn't a network/firewall bug or a libldap bug?

Hi

I configured a working system to start with. The ldap server is on the
same machine, there are no iptable entries. libnss-ldap and libpam-ldap
work when I make the change from ldap://127.0.0.1 to
ldaps://hufpuf.lan1.hme1.samad.com.au when I turn on logging from
openldap I notice a connection being made and then I notice the
connection is closed, no bind is attempted.

I can't rule out a libldap bug. How can I test this? When I use
ldapsearch with anon ldaps:// it works, but it links against the 2.2
ldap libraries.

>
> --
> Steve Langasek                   Give me a lever long enough and a Free OS
> Debian Developer                   to set it on, and I can move the world.
> [EMAIL PROTECTED]                                   http://www.debian.org/
>