Joshua Schaeffer wrote:
when I runthe following ldapsearch I get an error:
jschaeffer@zipmaster07:~$ ldapsearch -LLL -v -D cn=admin,dc=harmonywave,dc=com -W -H ldaps://baneling -b uid=jschaeffer,ou=People,dc=harmonywave,dc=com ldap_initialize( ldaps://baneling:636/??base ) Enter LDAP Password: ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1)
If I use the FQDN for the URI then everything works fine and I get results.
That's because of the TLS hostname check which checks against the server's certificate.
=> always use FQDN with TLS
Ciao, Michael.