Hey everyone. Just set up a multi-master configuration on two OpenLDAP 2.4 systems on CentOS 7. Replication seems to be working and I can do ldapsearches with ldap or ldaps while I'm ON the boxes.
I'm finding when I try to do a ldapsearch using ldaps from an external box I get the following error:

    Jun 09 18:36:29 prod-openldap-01 slapd[20102]: conn=1301 fd=19 TLS established tls_ssf=256 ssf=256
    Jun 09 18:36:29 prod-openldap-01 slapd[20102]: conn=1301 fd=19 closed (connection lost)

Example search:

    ldapsearch -x -LLL -W -D "cn=ldapadm,dc=<domain redacted>,dc=com" -H ldaps://public-ldap-01.<domain redacted> -b 'dc=<domain redacted>,dc=com' -s sub "(objectclass=uid)"

* in /etc/sysconfig/slapd I have the following:

    SLAPD_URLS="ldapi:/// ldap://stage-openldap-01.<domain redacted> ldaps:///"

The ldap:// address reflects what was set up for the olcServerID when I was setting up. However, if I check

    slaptest -f /etc/sysconfig/slapd -v

I get:

    5ee10c18 /etc/sysconfig/slapd: line 10: unknown directive <SLAPD_URLS=ldapi:/// ldap://stage-openldap-01.<domain redacted>.com ldaps:///> outside backend info and database definitions.
    slaptest: bad configuration file!

I haven't set up an LDAP server in years so I'm not sure where my problem is. If I can get external auth and searches working via ldaps the build will be complete. Appreciate any help anyone can give.

Regards,
Aric