[users@httpd] mod_auth_ldap drops ldaps: connections without querying

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

httpd 2.0.52, OpenLDAP 2.1.30 (both from latest Gentoo Linux ebuilds).

I'm trying to authenticate against Microsoft ADS using LDAPS.  A test
always results in:

[Wed Apr 13 15:53:35 2005] [warn] [client 134.68.180.23] [7353] auth_ldap
authenticate: user mwood authentication failed; URI /~mwood/test/ [LDAP:
ldap_simple_bind_s() failed][Can't contact LDAP server]

Tracing network activity shows me that the server repeatedly opens and
closes connections to port 636 on the directory server without ever even
starting the SSL handshake.  I was able to search the directory manually
using 'ldapsearch -H ldaps://our.server/ -W -D "userDN" -b "searchbase"
filter', so the server is willing to talk LDAPS to the client host.

I've made sure that the LDAPtrustedCA and LDAPtrustedCAtype are set
properly, and debug output from httpd shows that it is finding the file
and never complains about it.

- -- 
Mark H. Wood, Lead System Programmer   mwood@xxxxxxxxx
Open-source executable:  $0.00.  Source:  $0.00  Control:  priceless!

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (GNU/Linux)
Comment: pgpenvelope 2.10.2 - http://pgpenvelope.sourceforge.net/

iD8DBQFCXZVXs/NR4JuTKG8RAsgBAJ933Ly7w8EVaQjVHJCIkMFpaYNywACgiOb1
+tIZanIT0eBXOEsLBBQEtdM=
=0fXD
-----END PGP SIGNATURE-----

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
   "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx



[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux