Hi ! I ask to help to solve a problem with the utility ldapsearch. is a problem to carry out synchronization between FDS and AD. Has made the following: 1) Install FDS 2) Configuring SSL Enabled FDS. For this purpose has started script setupssl.sh (http://directory.fedora.redhat.com/download/setupssl.sh) from HOWTO "Howto:SSL" (http://directory.fedora.redhat.com/wiki/Howto:SSL) 3) Restart FDS. netstat -atupn | grep ns- tcp 0 0 :::389 :::* LISTEN 6039/ns-slapd tcp 0 0 :::636 :::* LISTEN 6039/ns-slapd 4) Enable SSL on AD. Install Certificate Service Check util ldp.exe: Connected param: Server- srv-vm1.mup-example.vrn.ru Port - 636 Checkbox "SSL" ld = ldap_sslinit("srv-vm1.mup-example.vrn.ru", 636, 1); Error <0x0> = ldap_set_option(hLdap, LDAP_OPT_PROTOCOL_VERSION, LDAP_VERSION3); Error <0x0> = ldap_connect(hLdap, NULL); Error <0x0> = ldap_get_option(hLdap,LDAP_OPT_SSL,(void*)&lv); Host supports SSL, SSL cipher strength = 128 bits Established connection to srv-vm1.mup-example.vrn.ru. Retrieving base DSA information... ..... 5) Import AD CA certificate in DER mode. 6) Copy, convert (PEM) and install AD CA certificate in FDS. Check: [root at asterisk1 alias]# /opt/fedora-ds/shared/bin/certutil -L -d . -P slapd-asterisk1- CA certificate CTu,u,u server-cert u,u,u Server-Cert u,u,u ad-cert CT,C,C <- install this 6) [root at asterisk1 alias]# ldapsearch -Z -P /opt/fedora-ds/alias/slapd-asterisk1-cert8.db -h rv-vm1.mup-example.vrn.ru -p 636 -D "cn=Administrator,cn=users,dc=mup-examle,dc=vrn,dc=ru" -w secret01 -s base -b "dc=mup-example,dc=vrn,dc=ru" "objectclass=*" Error: ldapsearch: unabel to parse protocol version "/opt/fedora-ds/alias/slapd-asterisk1-cert8.db" Help my! Thanks ------------------------------------------------------ My Setup: Fedora Core 5 (i386) Fedora Directory Server 1.0.2 Windows 2003 Server (DC - srv-vm1.mup-example.vrn.ru) ------------------------------------------------------
