On Mon, May 23, 2005 at 05:55:53PM +0200, Maximilian Wilhelm wrote:
> Am Montag, den 23. Mai hub Geert Stappers folgendes in die Tasten:
>
> Hi!
>
> > ldap_bind: Invalid credentials (49)
[ where to search further ??? ]
>
> Try to add a -ZZ and ensure the ldap is used as hostname,
> to allow usage of SSL.
$ ldapsearch -xw foo -h tw89 -D
cn=admin,ou=people,dc=gst,dc=stappers,dc=nl -b dc=gst,dc=stappers,dc=nl
| grep userPassword
userPassword:: e2NyeXB0fSQxJDFSZU5INDNXJHczby9tUktUOTNFeWZwanlleWhZMDE=
userPassword:: e1NNRDV9WlhoM1plRWF1SnhjTEczUUd2V0lRZVpvMlpVPQ==
stappers@tw89:~
$ ldapsearch -ZZxw foo -h tw89 -D
cn=admin,ou=people,dc=gst,dc=stappers,dc=nl -b dc=gst,dc=stappers,dc=nl
| grep userPassword
ldap_start_tls: Connect error (-11)
additional info: error:14090086:SSL
routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
stappers@tw89:~
> As far as I know SSL is force for authenticating.
That did bring my attention to the SSL side of the problem^Wchallange.
I did s/ssf=128// at the access control in slapd.conf,
and now I passed the
ldap_bind: Invalid credentials (49)
:-)
So I'm not stuck any more. Okay, thanks
I have to dive into the SSL stuff.
TNX
Geert Stappers
Attachment:
signature.asc
Description: Digital signature