linuxperson
asked on
openLDAP
I have AD example.com
openLDAP unix.example.com
Am I able to integrate openLDAP with AD to get user information from AD and authorize to applications connected with the unix openLDAP server?
What command did you use to start slapd?
Did you use something like:
/usr/local/libexec/slapd -s 256 -h "ldaps:///"
ASKER
still same issue
Hmmm, did you add "TLS_CACERT" to the ldap.conf file?
You should be able to test your certificates by doing the following:
openssl s_client -connect localhost:636 -showcerts
ASKER
where is ldap.conf located?
I am using openldap and I did modify the slapd.conf file only
You might find it here: /usr/local/etc/openldap/ldap.conf
But it's more used for client authentication, you can ignore that one for now, barking up the wrong tree ...
What else ... Did that openssl test work?
Difficult to troubleshoot something like this, maybe this will help you pinpoint something.
ASKER
Actually, I did download the source code and am installing it
ASKER
env CPPFLAGS="-I/openldap/db4/include" LDFLAGS="-L/openldap/db4/lib" ./configure --with-tls=openssl --prefix=/openldap/openldap-install
When I tried to enable SSL while building the source code, I am getting
checking for openssl/ssl.h... no
configure: error: Could not locate TLS/SSL package
Hi,
Sorry, was bedtime last night for me :)
Ok, so OpenLDAP has been installed? If yes maybe this command can help solve the SSL issue:
env CC=gcc CPPFLAGS="-I/dir/ssl/include" LDFLAGS="-L/dir/ssl/lib" ./configure --with-ssl=/dir/ssl -with-tls
ASKER
For some applications it requires SSL/TLS
I am getting the following error
slapd[21444]: daemon: TLS not supported (ldaps://x.x.x.x)
Here is my slapd.conf
include /openldap/openldap-install
include /openldap/openldap-install
include /openldap/openldap-install
include /openldap/openldap-install
include /openldap/openldap-install
include /openldap/openldap-install
include /openldap/openldap-install
include /openldap/openldap-install
include /openldap/openldap-install
include /openldap/openldap-install
include /openldap/openldap-install
include /openldap/openldap-install
include /openldap/openldap-install
pidfile /openldap/openldap-install
argsfile /openldap/openldap-install
database bdb
suffix "dc=unix,dc=example,dc=com
rootdn "cn=Manager,dc=unix,dc=exa
rootpw secret
directory /openldap/openldap-install
index objectClass eq
TLSCACertificateFile /tls-certs/CA.crt
TLSCertificateFile /tls-certs/server.crt
TLSCertificateKeyFile /tls-certs/server.key
TLSCipherSuite HIGH:MEDIUM:+SSLv2
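The configure failure quoted above ("checking for openssl/ssl.h... no") means no include path held the OpenSSL headers, and a slapd built without TLS logs "daemon: TLS not supported" when given an ldaps:// listener. The preflight below is an added example, not part of the original thread, that checks the same header and libraries before configure is run. The function names and the SYS_INC/SYS_LIB override variables are hypothetical, and the default search directories are assumptions.

```shell
#!/bin/sh
# Added example (not from the thread): preflight for ./configure --with-tls=openssl.
# Assumes -I/-L are written attached to their path and paths contain no spaces.

# Print the directories named by -I or -L options. $1 = I or L, $2 = flags.
flag_dirs() {
    for word in $2; do
        case $word in
            -"$1"?*) printf '%s\n' "${word#-?}" ;;
        esac
    done
}

# Print the first directory holding openssl/ssl.h; return 1 if none does
# (the "checking for openssl/ssl.h... no" case).
find_ssl_header() {
    for dir in "$@"; do
        [ -f "$dir/openssl/ssl.h" ] && { printf '%s\n' "$dir"; return 0; }
    done
    return 1
}

# Succeed if one directory holds both libssl and libcrypto (.so or .a).
have_ssl_libs() {
    for dir in "$@"; do
        ssl=$(ls "$dir"/libssl.* 2>/dev/null | head -n 1)
        crypto=$(ls "$dir"/libcrypto.* 2>/dev/null | head -n 1)
        [ -n "$ssl" ] && [ -n "$crypto" ] && return 0
    done
    return 1
}

# $1 = CPPFLAGS, $2 = LDFLAGS. SYS_INC/SYS_LIB are hypothetical overrides for
# the default search directories (the defaults below are assumed, not exhaustive).
tls_preflight() {
    inc=$(flag_dirs I "$1"); lib=$(flag_dirs L "$2"); status=0
    if hdr=$(find_ssl_header $inc ${SYS_INC-/usr/include /usr/local/include}); then
        echo "ok: openssl/ssl.h found in $hdr"
    else
        echo "missing: openssl/ssl.h (install the OpenSSL headers or fix -I)"; status=1
    fi
    if have_ssl_libs $lib ${SYS_LIB-/usr/lib /usr/lib64 /usr/local/lib}; then
        echo "ok: libssl and libcrypto found"
    else
        echo "missing: libssl/libcrypto (fix -L)"; status=1
    fi
    return $status
}
tls_preflight "${CPPFLAGS-}" "${LDFLAGS-}" || echo "fix the above before running configure"
```

Call it with the same CPPFLAGS and LDFLAGS that will be passed to configure; flags that name only the db4 directories, as in the first configure command above, fail the header check unless a default directory supplies openssl/ssl.h.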