On Sun, 2008-03-09 at 23:24 -0400, Dave wrote: > Hello, > I've got a FreeBSD openldap server set up and i'd like to authenticate > to it with a centos 5.1 client. The server is also acting as a client itself > and user access works fine from it. > On the clientside I'm getting an error can not search ldap server, > server is unavailable. This is with pam_ldap. I'm using tls encryption. On > the client if i do: > > ldapsearch -xZ > > i get every entry in my directory. And if i do: > > ldapsearch -xZ -L '(uid=user)' > > i get a specific user out of it, so i'm concluding the error is in my > /etc/ldap.conf file. I've added ldap to my nsswitch.conf file clientside to > the passwd, shadow, and group lines. On the server i'm seeing a tls > negotiation failure error msg and the client as i said can not search ldap > server. ---- system-config-authentication does more than edit /etc/ldap.conf and /etc/nsswitch.com, it also changes /etc/pam.d/system-auth and that is pretty necessary. Suggest that you run the tool Craig