On 03/10/11 17:43 +0200, Andreas Rudat wrote:
Am 03.10.2011 16:43, schrieb Dan White:
On 03/10/11 16:27 +0200, Andreas Rudat wrote:
*ldapmodify -Y EXTERNAL -H ldapi:///*
SASL/EXTERNAL authentication started SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth SASL SSF: 0
The output indicates that you successfully authenticated your connection to the server. ldapmodify is waiting for you to tell it something to do (from standard input).
Ah ok, then I missunderstood the tutorial I read.
I'm trying to get sasl+tls running, but I have still some problems. ldapsearch -x -LLL -s base -b "" supportedSASLMechanisms
says supportedSASLMechanisms: CRAM-MD5 supportedSASLMechanisms: DIGEST-MD5 supportedSASLMechanisms: NTLM
so tls issn't allowed in my configuration? I added tls on ldap.conf and /etc/default/slapd
Debug says: TLS: can't connect: A TLS packet with unexpected length was received..
What are the contents of your ldap.conf, and your /etc/default/slapd?
What is your TLS configuration on the server? In particular, your TLSVerifyClient/olcTLSVerifyClient setting (which should be something other than the default).