--On Friday, March 09, 2007 11:42 AM +0530 JOYDEEP j.bakshi@unlimitedmail.org wrote:

Dear list,

I am using openldap2-2.3.19-18 under suse 10.1 and it is wotking fine at port 389 ( ldap://) Now to secure it with ssl, I have first generated a certificate with Ca.sh script comes with linux.

then I have modified my /etc/openldap/slapd.conf as

TLSCipherSuite HIGH:MEDIUM:+SSLv2 TLSCertificateFile /etc/openldap/myca/servercert.pem TLSCertificateKeyFile /etc/openldap/myca/serverkey.pem TLSCACertificateFile /etc/openldap/myca/cacert.pem TLSVerifyClient never =========================================

I also modified /etc/openldap/ldap.conf as

HOST 127.0.0.1:636 BASE ou=Users,dc=kolkatainfoservices,dc=in TLS_CACERT /etc/openldap/myca/cacert.pem =================================

now when I execute *ldapsearch -H ldaps:// -d 255* it asks for

ldap_msgfree sasl_client_step: 2 Please enter your password: ====================== after giving the manager password which is seceret it reports ========================== ldap_msgfree ldap_perror ldap_sasl_interactive_bind_s: Invalid credentials (49) additional info: SASL(-13): user not found: no secret in database ============================================

could any one suggest what am I missing here ? thanks.

The -x flag to ldapsearch?

--Quanah

-- Quanah Gibson-Mount Principal Software Developer ITS/Shared Application Services Stanford University GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html