Greedchen Mueller wrote:
Hi List,

new in using OpenCA.

My system is an i386 machine with Debian Sarge Linux. I have made an installation according to the howto from Dartmouth. One installation for CA and one for RA, SCEP and LDAP on the other hand.

CA, RA is working, in addition SCEP works with SSCEP.

Now I want to use LDAP, but there are problems. I'm a novice in LDAP.

If I update LDAP I get "invalid ...DN"

and in the logfile of openra you can see:

+++++++++++++++++++++++++++++++++

Please, do not post HTML, use simple text for your messages.


OpenCA::LDAP->add_object: Cannot bind to server.
OpenCA::LDAP->add_object: Started add_object ...
OpenCA::LDAP->add_object: certificate present ...
OpenCA::LDAP->add_object: role ok ...
OpenCA::LDAP->add_object: Information of the Object:
OpenCA::LDAP->add_object: dn [EMAIL PROTECTED],CN=root,O=test,C=DE
OpenCA::LDAP->add_object: cn root
OpenCA::LDAP->add_object: serID 2147483647
OpenCA::LDAP->add_object: email [EMAIL PROTECTED]
OpenCA::LDAP->add_object: ou
OpenCA::LDAP->add_object: o test
OpenCA::LDAP->add_object: l
OpenCA::LDAP->add_object: st
OpenCA::LDAP->add_object: c DE
OpenCA::LDAP->add_object: End of the information of the Object
OpenCA::LDAP->connect: ldap2://localhost:389
OpenCA::LDAP->setError: 34: invalid DN
OpenCA::LDAP->add_object: Cannot bind to server.



It seems that the login and/or password that you provided in the OpenCA LDAP configuration is wrong.


I read the posting from Johnny Gonzalez (msg05686.html)

I have edited slapd in this way:
+++++++++++++++++++++++++++++++++
database        bdb
suffix          "o=test,c=DE"
rootdn          "cn=root,[EMAIL PROTECTED],o=test,c=DE"
# Cleartext passwords, especially for the rootdn, should
# be avoid.  See slappasswd(8) and slapd.conf(5) for details.
# Use of strong authentication encouraged.
rootpw          root
++++++++++++++++++++++++++++++++++

and ldap.conf in openldap
+++++++++++++++++++++++++++++++++
BINDDN cn=root,[EMAIL PROTECTED],o=test,c=DE
BASE o=test,c=DE

HOST 172.16.98.92
PORT 389

ldaproot "cn=root,[EMAIL PROTECTED],o=test,c=DE"
ldappwd "root"
++++++++++++++++++++++++++++++++++

on my openca installation ldap.conf
++++++++++++++++++++++++++++++++++

basedn "o=test, c=DE"
ldaproot "cn=root,[EMAIL PROTECTED],o=test,c=DE"
ldappwd "root"
++++++++++++++++++++++++++++++++++


Why do you use such a complicated DN for your LDAP administrator?

cn=root,[EMAIL PROTECTED],o=test,c=DE

Usually one will most likely use something like:
cn=admin,o=test,c=DE

Could you try with this simpler DN?


My certificates use:

o=test,c=DE,cn=root,[EMAIL PROTECTED]

I hope there are ideas :-)


I don't think there is any link between the DN of your LDAP admin and any certificate when it comes to your LDAP connexion. Someone else could maybe confirm this.


Cheers,

--
Marc-Aurèle DARCHE
NUXEO (Paris, France)                     http://nuxeo.com/
Nuxeo Collaborative Portal Server (CPS)   http://www.cps-project.org/
Web content management / collaborative portal / free software
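
Added example, not part of the original messages and not OpenCA or OpenLDAP code: a pre-flight check for the three values discussed in this thread (slapd's suffix and rootdn, and the ldaproot in OpenCA's ldap.conf), flagging a DN that would be rejected with result code 34 before any bind is attempted. The function names are hypothetical, the sample DNs are constructed, and it assumes OpenCA binds as the slapd rootdn, as in the configuration quoted above.

```python
import re
# Attribute type per RFC 4514: a short name or a dotted numeric OID.
ATTR_TYPE = re.compile(r"^(?:[A-Za-z][A-Za-z0-9-]*|\d+(?:\.\d+)*)$")

def split_rdns(dn):
    """Split a DN on commas, keeping backslash-escaped commas in the value."""
    parts, buf, i = [], "", 0
    while i < len(dn):
        step = 2 if dn[i] == "\\" and i + 1 < len(dn) else 1
        if step == 1 and dn[i] == ",":
            parts.append(buf)
            buf = ""
        else:
            buf += dn[i:i + step]   # an escape pair stays together
        i += step
    return parts + [buf]

def parse_dn(dn):
    """Return normalised (type, value) pairs; raise ValueError if malformed.
    Simplification: values compared case-insensitively, no multi-valued RDNs."""
    rdns = []
    for rdn in split_rdns(dn.strip().strip('"')):
        attr, eq, value = rdn.partition("=")
        attr = attr.strip().lower()
        if not eq or not ATTR_TYPE.match(attr):
            raise ValueError(f"RDN {rdn.strip()!r} has no valid attribute type")
        rdns.append((attr, value.strip().lower()))
    return rdns

def check_bind_config(suffix, rootdn, ldaproot):
    """Return a list of problems; an empty list means the values agree."""
    parsed, problems = {}, []
    for name, dn in (("suffix", suffix), ("rootdn", rootdn), ("ldaproot", ldaproot)):
        try:
            parsed[name] = parse_dn(dn)
        except ValueError as exc:
            problems.append(f"{name}: {exc}")
    if problems:
        return problems
    if parsed["rootdn"][-len(parsed["suffix"]):] != parsed["suffix"]:
        problems.append("rootdn is not below suffix")
    if parsed["ldaproot"] != parsed["rootdn"]:
        problems.append("ldaproot differs from rootdn")
    return problems

# Constructed sample values, not the poster's real DNs.
print(check_bind_config("o=test,c=DE", "cn=admin,o=test,c=DE",
                        "cn=root,no-attribute-type,o=test,c=DE"))
```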

