Results 1 to 2 of 2

Thread: ldap 11.04 natty tls configuration

  1. #1
    Join Date
    Nov 2009

    ldap 11.04 natty tls configuration


    I'm trying to get LDAP over TLS working on Ubuntu 11.04. I have tried this a couple of times and this step has never failed me so I'm a bit perplexed as to what is wrong.

    Essentlially I get up to running the ldapmodify command and I recieve an error.

    $ sudo ldapmodify -Y EXTERNAL -H ldapi:///
    SASL/EXTERNAL authentication started
    SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
    SASL SSF: 0
    dn: cn=config
    add: olcTLSSCACertificateFile
    olcTLSCACertificateFile: /etc/ssl/certs/cacert.pem
    ldapmodify: wrong attributeType at line 3, entry "cn=config"
    I cant seem to find a reason for this. Note, I'm also not recieving a password prompt when I start this process (which a lot of the examples out there suggest I should).

    Any thoughts on why this is failing?

    Note, I can query LDAP remotley on non TLS fine and I have no problem there. I just cant seem to get the config added so I can alter it to TLS secured LDAP.

  2. #2
    Join Date
    Apr 2009

    Re: ldap 11.04 natty tls configuration

    Looks like you have an extra "S" in your add: <attribute> line.

    The reason it's not asking for a password is two-fold, you are connecting to ldapi:// and using the EXTERNAL mechanism to verify that you are root (through the sudo command).

    You can set it up to have a username and password using olcRootDN and olcRootPW if you'd prefer to be able to edit the configuration from anywhere.

Tags for this Thread


Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts