[CentOS] LDAP authentication on a remote server (via ldaps://)
Craig White
craigwhite at azapple.com
Thu Oct 7 02:33:38 UTC 2010
On Wed, 2010-10-06 at 09:49 -0400, Scott Robbins wrote:
> On Wed, Oct 06, 2010 at 03:32:03PM +0200, Mathieu Baudier wrote:
> > > Did you, on the server, change the new, undocumented, /etc/sysconfig/ldap
> > > file's entry for SLAPD_LDAPS and restart the ldap service on the server?
> >
> > This settings was indeed set to no.
> >
> > I changed the settings to yes and restarted the service, but it did
> > not change anything.
>
> About the only other thing I can think of is an issue I ran into on
> later versions of Fedora. Now, /etc/openldap/ldap.conf needs
> TLS_REQCERT allow, but I think that's a Fedora thing. (On the other
> hand, we're only using CentOS as a server, not a client.)
----
TLS_REQCERT allow is not a Fedora thing but rather typically necessary
when you use a self-signed cert because there is no chain to a
recognized CA. Thus any client whether Fedora, Ubuntu or CentOS might
very well need that configuration.
Craig
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
More information about the CentOS
mailing list