Salve alla lista Non ho ancora risolto il problema, nonostante i suggerimenti di Pierangelo. I file di configurazione sono i seguenti:
file /etc/openldap/slapd.conf server-master # # See slapd.conf(5) for details on configuration options. # This file should NOT be world readable. # include /etc/openldap/schema/core.schema include /etc/openldap/schema/cosine.schema include /etc/openldap/schema/inetorgperson.schema include /etc/openldap/schema/nis.schema include /etc/openldap/schema/samba.schema pidfile /var/run/slapd/slapd.pid argsfile /var/run/slapd/slapd.args TLSCertificateFile /etc/ssl/ldap-cert.pem TLSCertificateKeyFile /etc/openldap/ssl/ldap-key.pem TLSCACertificateFile /etc/ssl/ldap-cert-client.pem TLSVerifyClient demand log level 2048 database ldbm replogfile /var/lib/ldap/openldap-master-replog replica uri=ldaps://147.163.110.191:636 binddn="cn=AGSManager,dc=unipa,dc=it" bindmethod=simple credentials=test suffix "dc=unipa,dc=it" rootdn "cn=Manager,dc=unipa,dc=it" rootpw test directory /var/lib/ldap # Indices to maintain for this database index objectClass eq index uid,uidNumber,gidNumber,memberUid eq index cn,mail,surname,givenname eq,subinitial index sambaSid eq index sambaPrimaryGroupSID eq index sambaDomainName eq sizelimit -1 cachesize 10000 file /etc/openldap/ldap.conf server-master BASE dc=unipa,dc=it URI ldap://127.0.0.1/ URI ldaps://localhost:636/ URI ldaps://147.163.110.191:636/ TLS_CERT /etc/ssl/ldap-cert.pem TLS_CACERT /etc/ssl/ldap-cert-client.pem file /etc/openldap/slapd.conf server-client include /etc/openldap/schema/core.schema include /etc/openldap/schema/cosine.schema include /etc/openldap/schema/inetorgperson.schema include /etc/openldap/schema/nis.schema include /etc/openldap/schema/samba.schema allow bind_v2 pidfile /var/run/slapd/slapd.pid argsfile /var/run/slapd/slapd.args database ldbm suffix "dc=unipa,dc=it" rootdn "cn=Manager,dc=unipa,dc=it" rootpw test updatedn "cn=Manager,dc=unipa,dc=it" updateref ldaps://147.163.110.190:636 directory /var/lib/ldap TLSCertificateFile /etc/ssl/ldap-cert.pem TLSCertificateKeyFile /etc/openldap/ssl/ldap-key.pem TLSCACertificateFile /etc/ssl/ldap-cert-client.pem #TLSVerifyClient demand log level 2048 index objectClass eq index uid,uidNumber,gidNumber,memberUid eq index cn,mail,surname,givenname eq,subinitial index sambaSid eq index sambaPrimaryGroupSID eq index sambaDomainName eq sizelimit -1 cachesize 10000 file /etc/openldap/ldap.conf server-client BASE dc=unipa,dc=it TLS_CACERTDIR /etc/openldap/cacerts URI ldap://127.0.0.1/ URI ldaps://147.163.110.190:636/ TLS_CERT /etc/ssl/ldap-cert.pem TLS_CACERT /etc/ssl/ldap-cert-client.pem riavviando il servizio ldap sul server, monitorando il log sul client ricevo questo messaggio Feb 3 17:42:48 s...@backup02.cupa.unipa.it slapd[2687]: conn=156 fd=19 ACCEPT from IP=147.163.110.190:56381 (IP=0.0.0.0:636) Feb 3 17:42:48 s...@backup02.cupa.unipa.it slapd[2687]: conn=156 fd=19 TLS established tls_ssf=256 ssf=256 Feb 3 17:42:48 s...@backup02.cupa.unipa.it slapd[2687]: conn=156 fd=19 closed (connection lost) spero che qualcuno possa aiutarmi grazie Luigi
_______________________________________________ OpenLDAP mailing list OpenLDAP@mail.sys-net.it https://www.sys-net.it/mailman/listinfo/openldap