[CentOS] LDAP authentication on a remote server (via ldaps://)

Scott Robbins scottro at nyc.rr.com
Wed Oct 6 11:17:26 UTC 2010

On Wed, Oct 06, 2010 at 10:24:44AM +0200, Mathieu Baudier wrote:
> Hello,
> Now, I have a few servers in our local office and I would like them to
> authenticate from the remote LDAP server using encryption via
> ldaps://.
> (at this stage, without using client-side certificate)
> I have run a similar command as I did on the remote servers, replacing
> ldap://localldapserver by ldaps://ldap.mycompany.com:
> authconfig --enableldap --enableldapauth --enablecache
> --enablemkhomedir --ldapserver=ldaps://ldap.mycompany.com
> --enableldaptls --ldapbasedn=dc=mycompany,dc=com --passalgo=sha256
> --updateall

Did you, on the server, change the new, undocumented, /etc/sysconfig/ldap
file's entry for SLAPD_LDAPS and restart the ldap service on the server?

(It's documented in the CentOS wiki's FAQ, however, apparently no one at
RH figured it merited mention.)  

Scott Robbins
PGP keyID EB3467D6
( 1B48 077D 66F6 9DB0 FDC2 A409 FA54 EB34 67D6 )
gpg --keyserver pgp.mit.edu --recv-keys EB3467D6

Xander: I laugh in the face of danger.  Then I hide until it
goes away
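
One way to verify the server-side setting the reply above refers to, as an added example that is not part of the original message. The function names are hypothetical, the sample file content is constructed, and treating "yes" as the value that enables the ldaps:// listener is an assumption about the init script.

```shell
#!/bin/sh
# Added example. Parses the file instead of sourcing it, so checking a
# config never executes its contents.

# Print the effective (last uncommented) SLAPD_LDAPS value, lowercased,
# or "unset" when the file has no such assignment.
slapd_ldaps_value() {
    val=
    while IFS= read -r line || [ -n "$line" ]; do
        line=${line#"${line%%[![:space:]]*}"}      # trim leading whitespace
        case $line in
            SLAPD_LDAPS=*)
                v=${line#SLAPD_LDAPS=}
                v=${v%%#*}                          # drop trailing comment
                v=${v%"${v##*[![:space:]]}"}        # trim trailing whitespace
                case $v in \"*\"|\'*\') v=${v#?}; v=${v%?} ;; esac
                val=$(printf '%s' "$v" | tr 'A-Z' 'a-z')
                ;;
        esac
    done < "$1"
    printf '%s\n' "${val:-unset}"
}

# Print a one-line verdict. Returns 0 if enabled, 1 if not, 2 if unreadable.
# Assumption: "yes" is the value that turns the ldaps:// listener on.
check_ldaps_config() {
    f=${1:-/etc/sysconfig/ldap}
    if [ ! -r "$f" ]; then
        echo "$f: not readable"
        return 2
    fi
    v=$(slapd_ldaps_value "$f")
    if [ "$v" = "yes" ]; then
        echo "$f: SLAPD_LDAPS=yes (restart the ldap service if this was just changed)"
        return 0
    fi
    echo "$f: SLAPD_LDAPS=$v, ldaps:// listener not enabled"
    return 1
}

# Constructed sample input: a commented-out "yes" must not count as enabled.
sample=$(mktemp)
printf '%s\n' '# SLAPD_LDAPS=yes' 'SLAPD_LDAP=yes' 'SLAPD_LDAPS=no' > "$sample"
check_ldaps_config "$sample" || true
rm -f "$sample"
```

On the LDAP server itself, `check_ldaps_config` with no argument reads /etc/sysconfig/ldap.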
