Hi,
I am applying the latest updates to a number of systems, those with LDAP
configured failed to boot at Start system message bus, those
without LDAP configured booted just fine!
Any suggestion?
--
Zhi-Wei Lu
Institute for Data Analysis and Visualization
University of California, Davis
Do you have ssl configured in /etc/ldap.conf? The lastet update of
nss_ldap seems to have a problem with that, on 5.0 at least.
Quoting Zhi-Wei Lu [EMAIL PROTECTED]:
Hi,
I am applying the latest updates to a number of systems, those with LDAP
configured failed to boot at Start system
Zhi-Wei Lu wrote:
I am applying the latest updates to a number of systems, those with LDAP
configured failed to boot at Start system message bus, those
without LDAP configured booted just fine!
Any suggestion?
Hi, a 5.1 desktop box that is LDAPized boots fine here (using remote
LDAP
Zhi-Wei Lu wrote:
Hi,
I am applying the latest updates to a number of systems, those with LDAP
configured failed to boot at Start system message bus, those
without LDAP configured booted just fine!
Any suggestion?
It may be this:-
https://bugzilla.redhat.com/show_bug.cgi?id=206399
I
Zhi-Wei Lu wrote:
2. Turn on ssl and add the nss_initgrous_ignoreusers line, the message
bus was fine and system rebooted, but ldap query is still not working
via ldaps, therefore, the latest nss_dap_253-12 breaks something.
Instead of ldaps (as in LDAP over SSL), we use starttls (plaintext
Not that we use ldap here (yet!), but I was reading through the changes
and see that one of the bugs listed as fixed is:
* the port option in the /etc/ldap.conf configuration file on client
machines was ignored. For example, if a directory server which you
were attempting to use was
Thanks Jan!
It appears that nss_ldap_253-12 breaks
ldaps://ldap.server mechanism on port 636, which was in my
/etc/ldap.conf file (used by nss_ldap).
After I modified /etc/ldap.conf with
ldap://ldap.server along with
ssl start_tls
tls_checkpeer yes
nss_ldap-253-12 is happy and it gets data
Quoting Zhi-Wei Lu [EMAIL PROTECTED]:
This thread is directly related to
Faye Gibbins's Openssl breaks ldap on SL5.0 thread! It is nss_ldap
rather than openssl's fault.
Yes, it appears to be the same problem.
-
Faye Gibbins,