[389-users] Command line to request certificate

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Prashanth Sundaram wrote:
> Rich,
>
> I went forward with manual SSL install. I still see the console 
> showing ldap.foo.com:389 on the top tree level.
That's just for labeling. If you have restarted the directory server 
after configuring it to use TLS, you should see in the error log a 
message that it is listening on the TLS/SSL port. You should also be 
able to use netstat to see that it is listening to both the LDAP port 
(389) and the LDAPS port (636) (or whatever other port numbers you may 
have configured).
> The ?User DS? field in Admin server points to ldap.foo.com:636. I have 
> set all the encryption via console. Am I missing something? When I 
> issue ldapsearch ?p 389, it returns ldap_sasl_interactive_bind_s: 
> Unknown authentication method (-6) additional info: SASL(-4): no 
> mechanism available:
/usr/bin/ldapsearch by default will attempt a SASL bind. You must use 
the -x argument to use simple bind.
>
> When I issue, ldapsearch ?p 636 is asks for pass but hangs thereafter. 
> I have imported 500 entries. Also my indexes don?t seem to work, when 
> searched on console.
Why do you think your indexes are not working?
> I used proper ldapsearch with all possible switches -x , -Z, -ZZ.
Note that -Z will require you to configure your ldapsearch client to use 
a CA cert - see man ldap.conf - search for TLS - you can also create/use 
~/.ldaprc
> After I enabled indexing on the directory level and ou levels, when I 
> click on search with nothing on search bar, it retuns the ou levels 
> and not users. So I manually indexed individual users, they don;t show 
> up anyway.
I'm not sure what you mean by "index" in this context.
>
> Thanks,
> ------------------------------------------------------------------------
>
> --
> 389 users mailing list
> 389-users at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>   


-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3258 bytes
Desc: S/MIME Cryptographic Signature
Url : http://lists.fedoraproject.org/pipermail/389-users/attachments/20090813/dd065000/attachment.bin
[Index of Archives]     [Fedora User Discussion]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora News]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora QA]     [Fedora Triage]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Yosemite Photos]     [Linux Apps]     [Maemo Users]     [Gnome Users]     [KDE Users]     [Fedora Tools]     [Fedora Art]     [Fedora Docs]     [Maemo Users]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Fedora ARM]

  Powered by Linux