Low Sensitivity/Aerospace Internal Use

Hello, I need help figuring out why I can't get CentOS-6.2 machines to
authenticate against my OpenLDAP implementation where user and group entries

I can use ldapsearch and get back the
results I am expecting, but I don't know where in my long list of configurations
I might have gone wrong, or left something else out. All of my instructions
have been based on reading several (easily 20) other people's pages for
configuring an LDAP DIT for the explicit purpose of centralizing USER AUTHENTICATION.

I can submit my MS Word document that
I used to keep track of the steps that I used thus far. I am writing
up the instructions so that I can repeat them in the hopes of building
a small development environment for my coworkers.

In my environment I have all CentOS-6.4
OS virtual machines that I am running inside of my PC running Oracle VirtualBox.
I am attempting to keep them entirely isolated from the network, so
I have... a dedicated DNS server, dedicated CA server and dedicated LDAP
server. Their names, respectively, can be wsf-LabDNS, wsf-LabCA and

I wrote a script that automates the
creation of an LDIF file so that the same script can turn around and add
records (DNs) using ldapadd.

I have CA certificates for my DNS, CA
and LDAP servers, and my CA is a self-signed CA. My DNS and LDAP
servers' certificates are signed by my CA.

I am attempting to use my DNS and CA
servers as LDAP-USER-AUTH clients against my LDAP server. CentOS
requires the use of TLS certificates.

I cannot get user authentication to
work no matter what I have done over the past 4 months. I have a
user account I created, called wsf29221, that I am using to test against

I used yum to install all of my packages,
meaning I did not compile anything from scratch. I am using all of

The commands I am attempting are:
su - wsf29221
ssh wsf29221@wsf-LabDNS (from

I am pretty sure my problem is in the
TLS configuration, but I don't really know what to look at or even where

Warron French, MBA,