[CentOS] LDAP and expired passwords
Scott McClanahan
smcclanahan at forterrainc.comFri Oct 31 22:23:04 UTC 2008
- Previous message: [CentOS] LDAP and expired passwords
- Next message: [CentOS] LDAP and expired passwords
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Fri, 2008-10-31 at 16:32 -0400, Steve Thompson wrote: > CentOS 5.2 with OpenLDAP 2.3.27, nss_ldap_253.13, using TLS, i686 and > x86_64. > > LDAP password information update failed: Referral > > If I comment out "ssl start_tls", the referral to the master is followed > and the password change operation succeeds. I've found references to > problems with earlier releases of pam_ldap when referrals were not > properly followed when using TLS, and these are supposed to be fixed; > apparently not in my case. Can anyone hit me with the clue stick? Does the common name in the certificate or the x509 v3 extensions match the hostname used in the referral in your slapd.conf? Is the certificate issued by the ldap server you are being referred to signed by a trusted CA? Following referrals using start_tls works just fine for me.
- Previous message: [CentOS] LDAP and expired passwords
- Next message: [CentOS] LDAP and expired passwords
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the CentOS mailing list