John Burian john@burian.org writes:
Dieter Kluenter wrote:
From your remarks on CA and certificate a assume that you want to use TLS, while your ldapwhoami seems to indicate that you want to make use of PLAIN mechanism, which is disabled by default, unless you provide a secure transport method, that is either TLS or local socket. Unless you provide more information on the parameters used, no advice can be given.
-Dieter
Correct, I want to be using SASL/PLAIN over TLS. The following works:
$ ldapwhoami -x -W -D 'uid=burianj,ou=people,dc=cqcb' Enter LDAP Password: dn:uid=burianj,ou=People,dc=cqcb Result: Success (0)
[...]
Just another method to authenticate, while using TLS, is to create a proper user certificate an validiate this by
$ ldapwhoami -Y external -ZZ -H ldap://localhost
-Dieter [1]
Footnotes: [1] Yes, I have a correct certificate which is defined in ~/.ldaprc