Solved

LDAPS Config

Posted on 2008-06-09
3
858 Views
Last Modified: 2013-12-02
We have successfully configured and tested our SLES 10 server to authenticate LDAP.  Our problem lies in the Apache code on one our authenticating servers. We have the following in our httpd :


<Directory /var/www/html/Authent>
 AuthType Basic
 AuthName "Company Internal Server"
 AuthBasicProvider ldap
 AuthzLDAPAuthoritative On
 AuthLDAPURL ldaps://mail.company.com:636/ou=users,o=company?uid SSL
 AuthLDAPBindDN "cn=ldapproxy,o=company"
 require valid-user
</Directory>
 
The error we are receiving is :

[Mon Jun 09 15:41:54 2008] [warn] [client 66.105.XXX.XXX] [23743] auth_ldap authenticate: user testuser authentication failed; URI /Authent/ca_resume_test.php [LD
AP: ldap_simple_bind_s() failed][Can't contact LDAP server]

We believe the error may be related to a certificate issue but are unaware ofhow to determine this.



0
Comment
Question by:Primarisair
  • 2
3 Comments
 
LVL 57

Expert Comment

by:giltjr
ID: 21750592
Have you tested without using SSL?  I would suggest that you try not using SSL.  Once you have that working then try SSL.
0
 

Author Comment

by:Primarisair
ID: 21753369
We have successfully completed the tests without SSL. What would the next step be in the SSL process. Do we transfer certificate? Does the code look correct?
0
 
LVL 57

Accepted Solution

by:
giltjr earned 125 total points
ID: 21753912
The code for SSL and non-SSL will be the same, except for the ldaps part.

Are you using a cert that is signed by a public CA, your own CA, or a self-signed cert?

If using a self-signed cert, then you need to import the public key of the server onto the client.
0

Featured Post

NFR key for Veeam Backup for Microsoft Office 365

Veeam is happy to provide a free NFR license (for 1 year, up to 10 users). This license allows for the non‑production use of Veeam Backup for Microsoft Office 365 in your home lab without any feature limitations.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Introduction As you’re probably aware the HTTP protocol offers basic / weak authentication, which in combination with the relevant configuration on your web server, provides the ability to password protect all or part of your host.  If you were not…
Meet the world's only “Transparent Cloud™” from Superb Internet Corporation. Now, you can experience firsthand a cloud platform that consistently outperforms Amazon Web Services (AWS), IBM’s Softlayer, and Microsoft’s Azure when it comes to CPU and …
Two types of users will appreciate AOMEI Backupper Pro: 1 - Those with PCIe drives (and haven't found cloning software that works on them). 2 - Those who want a fast clone of their boot drive (no re-boots needed) and it can clone your drive wh…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

860 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question