Re: nslcd: LDAP with TLS
- From: Mark Hack <markhack [at] markhack.com>
- To: Andrea Sighinolfi <andrea.sighinolfi [at] sitti.it>, nss-pam-ldapd-users [at] lists.arthurdejong.org
- Subject: Re: nslcd: LDAP with TLS
- Date: Wed, 19 Jan 2022 10:36:16 -0600
Hopefully you changed the URI from LDAP:// to LDAPS:// but without the
full configuration file it is a little harder to assist you.
It is highly unlikely that the start_tls is needed or supported. Start
by removing that and if that does not work then you will have to look
at Wireshark traces.
On Wed, 2022-01-19 at 17:07 +0100, Andrea Sighinolfi wrote:
> I need to configure nslcd to allow me to authenticate a user on a remote
> LDAP server through an encrypted connection (TLS). I am using a sample
> program which makes use of the pam_ldap.so module to provide ldap
> authentication using nslcd. If the LDAP connection is not encrypted
> (simple authentication), it works fine.
>
> Since I need to do an encrypted connection to the LDAP server, looking
> at the documentation, I seemed to understand that I have to modify the
> /etc/nslcd.conf file in order to get nslcd aware of the TLS encryption.
> I added the following commands to the nslcd.conf file:
>
> ...
> ssl start_tls
> tls_reqcert never
>
> But when I try to authenticate the user with my sample program, nslcd
> freezes for seconds, and then fails to authenticate.
>
> What am I doing wrong? I am sure I am missing something in the
> configuration but after several attempts I haven't been able to
> authenticate yet.
>
> Thank you.
>
> Andrea.
>
>
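An added example, not part of the thread and not code from nss-pam-ldapd: a small Python check over nslcd.conf text that flags the option combinations discussed above (an ldaps:// URI together with `ssl start_tls`, unencrypted ldap://, and `tls_reqcert never`). The `uri` and `base` lines, the host name and the CA bundle path are constructed placeholders, and the function names and finding codes are hypothetical.

```python
# Constructed input: the two options quoted in the thread. The uri and base
# lines are assumptions (the original post elides them with "...").
AS_POSTED = """\
uri ldaps://ldap.example.org/
base dc=example,dc=org
ssl start_tls
tls_reqcert never
"""

# Constructed input: StartTLS on an ldap:// URI with verification required.
# The CA bundle path is a placeholder.
STARTTLS_VERIFIED = """\
uri ldap://ldap.example.org/
base dc=example,dc=org
ssl start_tls
tls_reqcert demand
tls_cacertfile /etc/ssl/certs/ca-bundle.example.pem
"""

def parse(text):
    """Collect 'keyword value' lines; last keyword wins, uri values accumulate."""
    opts = {"uri": []}
    for raw in text.splitlines():
        parts = raw.strip().split(None, 1)
        if len(parts) < 2 or parts[0].startswith("#"):
            continue  # blank line, comment, or keyword without a value
        key, value = parts[0].lower(), parts[1].strip()
        if key == "uri":
            opts["uri"] += value.split()  # several URIs may share one line
        else:
            opts[key] = value
    return opts

def audit(text):
    """Return finding codes for the TLS-related options in an nslcd.conf text."""
    opts = parse(text)
    ssl = opts.get("ssl", "off").lower()
    schemes = {u.split("://", 1)[0].lower() for u in opts["uri"]}
    findings = []
    if "ldaps" in schemes and ssl == "start_tls":
        findings.append("starttls-on-ldaps-uri")     # two TLS modes requested at once
    if "ldap" in schemes and ssl == "off":
        findings.append("cleartext-ldap")            # bind credentials sent unencrypted
    if opts.get("tls_reqcert", "").lower() in ("never", "allow"):
        findings.append("server-cert-not-verified")  # encrypted, but peer unauthenticated
    return findings

if __name__ == "__main__":
    print(audit(AS_POSTED), audit(STARTTLS_VERIFIED))
```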