[CentOS] LDAP and expired passwords
filbranden at gmail.com
Sat Nov 1 19:26:26 UTC 2008
On Sat, Nov 1, 2008 at 09:30, Steve Thompson <smt at vgersoft.com> wrote:
>> # grep ^updateref /etc/openldap/slapd.conf
> updateref ldaps://ldap1.cbe.cornell.edu
If you are using "ssl start_tsl" you have to use ldap:// and not
ldaps:// in your referrals, otherwise LDAP client will try to open a
TLS session inside the connection which is already a SSL session. If
you change that in your configuration file, it should work fine.
Alternatively you could use ldaps:// on the clients instead, by using
"ssl on" or "uri ldaps://..." instead of "host ...".
More information about the CentOS