Yes I've had that problem before but I fixed it before. I think its a permission problem of user accesing the certificate. When you logged onto the system the auth process is done by root but when you lock it with a screen saver its locked by the user. So to unlock it the auth process is done by the user. But if your user has no access to the certificate he can't authenticate against the ldap. You can verify this by (Test this by) chmod -R 755 /etc/openldap/certs (Or where everever your certs are on the client system) Log in as a normal user, lock it with xscreen saver, try unlocking it. If it works you have a access permission problems with your certs. On Wed, 11 Apr 2007, Rich Megginson wrote: > Brian Zuromski wrote: >> Rich, >> No, I'm not using client based auth with this setup. I am sharing >> out the server certificate to the network client. > How does this relate to LDAP or the directory server? >> Date: Tue, 10 Apr 2007 08:35:00 -0700 >> From: Rich Megginson <rmeggins at redhat.com> >> Subject: Re: TLS issues during screen lock >> To: "General discussion list for the Fedora Directory server project." >> <fedora-directory-users at redhat.com> >> Message-ID: <461BAEA4.5080708 at redhat.com> >> Content-Type: text/plain; charset="iso-8859-1" >> >> Brian Zuromski wrote: >> >>> > Hello, >>> > I'm having an issue with TLS certificates. On the client > >>> side, it seems that when I have TLS enabled it works fine. When I > >>> screen lock the computer, I have to disable TLS to get back in. Has > >>> anyone else experienced this before? >>> >> Are you using client cert based auth? >> >>> > >>> > Thanks, >>> > >>> >> > > > > !DSPAM:272,461d0aeb65221969219952! > -- Ashley Chew - Systems Administrator School of Computer Science and Software Engineering University of Western Australia Tel: (+61 8) 6488 7082 - Fax: (+61 8) 6488 1089 Ashley[@]csse.uwa.edu.au - http://www.csse.uwa.edu.au/~ashley "There is no such thing as Fate, Fate is what you make of it!"
