Hello, I've got a FreeBSD OpenLDAP server set up and I'd like to authenticate to it with a CentOS 5.1 client. The server is also acting as a client itself and user access works fine from it. On the client side I'm getting an error: can not search ldap server, server is unavailable. This is with pam_ldap. I'm using TLS encryption. On the client if I do:
ldapsearch -xZ
I get every entry in my directory. And if I do:
ldapsearch -xZ -L '(uid=user)'
I get a specific user out of it, so I'm concluding the error is in my /etc/ldap.conf file. I've added ldap to my nsswitch.conf file on the client side, to the passwd, shadow, and group lines. On the server I'm seeing a TLS negotiation failure error message, and the client, as I said, can not search ldap server. Thanks. Dave.
On Sun, 2008-03-09 at 23:24 -0400, Dave wrote:
Hello, I've got a FreeBSD OpenLDAP server set up and I'd like to authenticate to it with a CentOS 5.1 client. The server is also acting as a client itself and user access works fine from it. On the client side I'm getting an error: can not search ldap server, server is unavailable. This is with pam_ldap. I'm using TLS encryption. On the client if I do:
ldapsearch -xZ
I get every entry in my directory. And if I do:
ldapsearch -xZ -L '(uid=user)'
I get a specific user out of it, so I'm concluding the error is in my /etc/ldap.conf file. I've added ldap to my nsswitch.conf file on the client side, to the passwd, shadow, and group lines. On the server I'm seeing a TLS negotiation failure error message, and the client, as I said, can not search ldap server.
----
system-config-authentication does more than edit /etc/ldap.conf and /etc/nsswitch.conf; it also changes /etc/pam.d/system-auth, and that is pretty necessary.
Suggest that you run the tool.
Craig