Start TLS and 389 Directory

Posted by Kyle Flavin on Server Fault See other posts from Server Fault or by Kyle Flavin
Published on 2012-09-28T02:59:48Z Indexed on 2012/09/28 3:40 UTC
Read the original article Hit count: 183

Filed under:

redhat

|

ldap

|

fedora

|

directory

I'm trying to configure Start TLS on 389 Directory server, but I'm having all sorts of issues.

I've been following this doc: https://access.redhat.com/knowledge/docs/en-US/Red_Hat_Directory_Server/9.0/html/Administration_Guide/managing-certs.html

which specifies that I should create a certificate for both the directory server and admin server. I've imported the CA cert on both servers. I've tried to use the same server certificate for both. It will not allow me to do so. However, the admin and directory servers reside on the same host. If I generate a new certificate it will need to use the same hostname. I'm not sure if that's valid...

Has anyone out there set this up before? Any direction would be helpful. I have multmaster replication set up. From an external client, I'm attempting to do an ldapsearch -ZZ -x -h "myhost" -b "dc=example,dc=com" -D "cn=Directory Manager" -W "", and I'm getting a protocol error.

© Server Fault or respective owner

Related posts about redhat

Invalid configuration `noarch-redhat-linux-gnu': machine `noarch-redhat' not recognized

as seen on Server Fault - Search for 'Server Fault'
When I try to build rpm from src rpm (Apache 2.4.1) I got this error: rpmbuild -tb httpd-2.4.1.tar.bz2 --ba httpd.spec + ./configure --build=x86_64-redhat-linux-gnu --host=x86_64-redhat-linux-gnu --target=noarch-redhat-linux-gnu --program-prefix= --prefix=/usr --exec-prefix=/usr --bindir=/usr/bin… >>> More
`# probe: true` in /etc/rc.d/init.d/* files on a RedHat system

as seen on Server Fault - Search for 'Server Fault'
Some files (e.g. nfs, nfslock, bind) in my /etc/rc.d/init.d/ directory have in their comment header a line such as: # probe: true I found that those particular scripts has the probe verb i.e.: service nfs probe But this is due to the fact that the mentioned scripts has code that deals with the… >>> More
Redhat Software RAID 1 not syncing

as seen on Server Fault - Search for 'Server Fault'
Hey guys, I setup a software RAID 1 on a Redhat server, everything went sweet and it synced the first time. The other day the raid failedover for some reason and the disks hadn't been syncing since that first time, so it went back to 2 weeks ago when we did the first sync. We got the system back… >>> More
Failed to start X server. REDHAT LINUX 5.3

as seen on Super User - Search for 'Super User'
I installed Red-hat 5.3 problem is that it is not showing graphical interface. only kernel / command prompt is available. I tried startx, then I got this msg No video BIOS modes for chosen depth also showing that ERROR: Failed to start X server. What should I do? >>> More
Problems installing Memcache (PECL extension)

as seen on Server Fault - Search for 'Server Fault'
I have installed memcached fine, and now I will need to install PECL extension memcache. Im running RedHat x86_64 es5. The installation gives me this: downloading memcache-2.2.6.tgz ... Starting to download memcache-2.2.6.tgz (35,957 bytes) ..........done: 35,957 bytes 11 source files, building running:… >>> More

Related posts about ldap

NetApp FAS 2040 LDAP Win2k8R2

as seen on Server Fault - Search for 'Server Fault'
I am trying to get my FAS2040 to action user lookups using LDAP, below is the filer configuration options: filer> options ldap ldap.ADdomain dc1.colour.domain.local ldap.base OU=Users,OU=something1,OU=something2,OU=darkside,DC=colour,DC=domain,DC=local ldap.base… >>> More
Ubuntu 12.04 Preseed LDAP Config

as seen on Server Fault - Search for 'Server Fault'
I'm trying to deploy Ubuntu 12.04 via xCAT, everything works except the automatic configuration of LDAP, the preseed file is read but the file /etc/nsswitch is not written properly. My Preseed File: [...] ### LDAP Setup nslcd nslcd/ldap-bindpw password ldap-auth-config ldap-auth-config/bindpw password ldap-auth-config… >>> More
NetApp FAS 2040 LDAP Win2k8R2

as seen on Server Fault - Search for 'Server Fault'
I am trying to get my FAS2040 to action user lookups using LDAP, below is the filer configuration options: filer> options ldap ldap.ADdomain dc1.colour.domain.local ldap.base OU=Users,OU=something1,OU=something2,OU=darkside,DC=colour,DC=domain,DC=local ldap.base… >>> More
Apache+LDAP auth on Ubuntu says "Can't contact LDAP server" while ldapsearch is perfect

as seen on Server Fault - Search for 'Server Fault'
Hi Gurus, I'm migrating from an existing apache+LDAP+mysql+php server to a new hardware platform. Old server is running Debian Lenny, which I have no config documentation available (was done by previous sysadmin); New server is running Ubuntu 10.04.2 LTS 32bit. After installing Apache and configured… >>> More
Spring security ldap: no declaration can be found for element 'ldap-authentication-provider'

as seen on Stack Overflow - Search for 'Stack Overflow'
Following the spring-security documentation: http://static.springsource.org/spring-security/site/docs/3.0.x/reference/ldap.html I am trying to set up ldap authentication (very simple - just need to know if a user is authenticated or not, no authorities mapping needed) and have put this in my applicationContext-security… >>> More