Low Sensitivity/Aerospace Internal Use Only

Hello, I need help figuring out why I can't get CentOS-6.2 machines to authenticate against my OpenLDAP implementation where user and group entries are stored.

I can use ldapsearch and get back the results I am expecting, but I don't know where in my long list of configurations I might have gone wrong, or left something else out.  All of my instructions have been based on reading several (easily 20) other people's pages for configuring an LDAP DIT for the explicit purpose of centralizing USER AUTHENTICATION.

I can submit my MS Word document that I used to keep track of the steps that I used thus far.  I am writing up the instructions so that I can repeat them in the hopes of building a small development environment for my coworkers.

In my environment I have all CentOS-6.4 OS virtual machines that I am running inside of my PC running Oracle VirtualBox.  I am attempting to keep them entirely isolated from the network so, I have... a dedicated DNS server, dedicated CA server and dedicated LDAP server.  Their names respectively, can be wsf-LabDNS, wsf-LabCA and wsf-LabLDAP.

I wrote a script that automates the creation of an LDIF file so that the same script can turn around and add records (DNs) using ldapadd.

I have CA certificates for my DNS, CA and LDAP servers, and my CA is a self-signed CA.  My DNS and LDAP servers' certificates are signed by my CA.

I am attempting to use my DNS and CA servers as LDAP-USER-AUTH clients against my LDAP server.  CentOS requires the use of TLS certificates.

I cannot get user authentication to work no matter what I have done over the past 4 months.  I have a user account I created, called wsf29221, that I am using to test against LDAP.

I used yum to install all of my packages, meaning I did not compile anything from scratch.  I am using all of the OpenLDAP-2.4.23-32.el6_4.1.

The commands I am attempting are:

su - wsf29221
id wsf29221
ssh wsf29221@wsf-LabDNS   (from wsf--LabCA)

I am pretty sure my problem is in the TLS configuration, but I don't really know what to look at or even where to start.

Warron French, MBA, SCSA
|||||Submission End|||||

Low Sensitivity/Aerospace Internal Use Only