On Mon, May 23, 2005 at 05:55:53PM +0200, Maximilian Wilhelm wrote: > Am Montag, den 23. Mai hub Geert Stappers folgendes in die Tasten: > > Hi! > > > ldap_bind: Invalid credentials (49) [ where to search further ??? ] > > Try to add a -ZZ and ensure the ldap is used as hostname, > to allow usage of SSL. $ ldapsearch -xw foo -h tw89 -D cn=admin,ou=people,dc=gst,dc=stappers,dc=nl -b dc=gst,dc=stappers,dc=nl | grep userPassword userPassword:: e2NyeXB0fSQxJDFSZU5INDNXJHczby9tUktUOTNFeWZwanlleWhZMDE= userPassword:: e1NNRDV9WlhoM1plRWF1SnhjTEczUUd2V0lRZVpvMlpVPQ== stappers@tw89:~ $ ldapsearch -ZZxw foo -h tw89 -D cn=admin,ou=people,dc=gst,dc=stappers,dc=nl -b dc=gst,dc=stappers,dc=nl | grep userPassword ldap_start_tls: Connect error (-11) additional info: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed stappers@tw89:~ > As far as I know SSL is force for authenticating. That did bring my attention to the SSL side of the problem^Wchallange. I did s/ssf=128// at the access control in slapd.conf, and now I passed the ldap_bind: Invalid credentials (49) :-) So I'm not stuck any more. Okay, thanks I have to dive into the SSL stuff. TNX Geert Stappers
Attachment:
signature.asc
Description: Digital signature