Re: LDAP and expired passwords

On Fri, 31 Oct 2008, Scott McClanahan wrote:

> On Fri, 2008-10-31 at 16:32 -0400, Steve Thompson wrote:
>> CentOS 5.2 with OpenLDAP 2.3.27, nss_ldap_253.13, using TLS, i686 and
>> x86_64.
>>
>>     LDAP password information update failed: Referral
>>
>> If I comment out "ssl start_tls", the referral to the master is followed
>> and the password change operation succeeds. I've found references to
>> problems with earlier releases of pam_ldap when referrals were not
>> properly followed when using TLS, and these are supposed to be fixed;
>> apparently not in my case. Can anyone hit me with the clue stick?
>
> Does the common name in the certificate or the x509 v3 extensions match
> the hostname used in the referral in your slapd.conf?  Is the
> certificate issued by the ldap server you are being referred to signed
> by a trusted CA?

Yes to both.

Steve
----------------------------------------------------------------------------
Steve Thompson                 E-mail:      smt AT vgersoft DOT com
Voyager Software LLC           Web:         http://www DOT vgersoft DOT com
39 Smugglers Path              VSW Support: support AT vgersoft DOT com
Ithaca, NY 14850
  "186,300 miles per second: it's not just a good idea, it's the law"
----------------------------------------------------------------------------
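The hostname check asked about in the quoted reply can be scripted. The following is an added example, not part of the original thread and not pam_ldap or OpenLDAP code: it pulls referral hostnames out of slapd.conf text and tests them against the names in the master's certificate. The hostnames, the sample config and the certificate dict (in the shape returned by Python's `ssl.SSLSocket.getpeercert()`) are constructed, and the matching rules are a simplified RFC 6125-style assumption.

```python
import re
from urllib.parse import urlparse

# Constructed sample data: a replica's referral line and the master's
# certificate names. All hostnames are made up.
SLAPD_CONF = """
updateref ldap://ldap-master.example.com
"""
CERT = {
    "subject": ((("commonName", "ldap1.example.com"),),),
    "subjectAltName": (("DNS", "ldap1.example.com"), ("DNS", "*.dir.example.com")),
}

def referral_hosts(conf_text):
    """Return hostnames from 'updateref'/'referral' lines of slapd.conf."""
    hosts = []
    for line in conf_text.splitlines():
        m = re.match(r"\s*(updateref|referral)\s+\"?(ldaps?://[^\s\"]+)", line, re.I)
        if m:
            hosts.append(urlparse(m.group(2)).hostname)
    return hosts

def cert_names(cert):
    """DNS subjectAltName entries; fall back to CN only when there are none."""
    sans = [v for k, v in cert.get("subjectAltName", ()) if k == "DNS"]
    if sans:
        return sans
    return [v for rdn in cert.get("subject", ()) for k, v in rdn if k == "commonName"]

def name_matches(pattern, host):
    """Case-insensitive match; '*' allowed only as the whole leftmost label."""
    p = pattern.lower().rstrip(".").split(".")
    h = host.lower().rstrip(".").split(".")
    if len(p) != len(h):
        return False
    if p[0] == "*" and len(p) > 2:
        return p[1:] == h[1:]
    return p == h

def check_referrals(conf_text, cert):
    """Map each referral hostname to True/False: does the cert cover it?"""
    names = cert_names(cert)
    return {h: any(name_matches(n, h) for n in names) for h in referral_hosts(conf_text)}

if __name__ == "__main__":
    for host, ok in check_referrals(SLAPD_CONF, CERT).items():
        print(f"{host}: {'covered' if ok else 'NOT in certificate names'}")
```

A `False` result means a client that verifies the server name would reject the TLS session to the referred host, even though the same referral works without TLS.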