I recall setting it up like the instructions stated and when I ran wireshark I got the
following error:
TLSv1 Alert (Level: Fatal, Description: Unknown CA)
The procedure is as follows:
Create new user in LDAP server
Create POSIX attributes for that new user
Try to log into local box that authenticates against LDAP server with new user for first
time
It prevents me from logging in successfully (I've had this work before in CentOS)
Have you been able to successfully log in to a local Red Hat box that authenticates
against a 389 DS with a newly created user with POSIX attributes?
Thanks,
Rohit
From: Chandan Kumar
<chandank.kumar@gmail.com<mailto:chandank.kumar@gmail.com>>
Reply-To: "General discussion list for the 389 Directory server project."
<389-users@lists.fedoraproject.org<mailto:389-users@lists.fedoraproject.org>>
Date: Thursday, December 13, 2012 11:57 AM
To: "General discussion list for the 389 Directory server project."
<389-users@lists.fedoraproject.org<mailto:389-users@lists.fedoraproject.org>>
Subject: Re: [389-users] How to set up 389 client
Well Centos is just clone of RHEL. I did this setup on Centos 6.3 just few weeks back.
What error are you getting?
The most annoying error what I know is the "peer is not trusted.".
What are you using for Client side? SSSD or PADL NSS stuff? I would recommend to use SSSD
and follow below link for that.
http://www.couyon.net/1/post/2012/04/enabling-ldap-usergroup-support-and-....
On Thursday, December 13, 2012, Chaudhari, Rohit K. wrote:
This is on CentOS however. We had success configuring it for CentOS in the past, but were
unable to replicate this on Red Hat 6.3. Did you follow these steps for configuring Red
Hat 6 as well?
Thanks,
Rohit
From: Chandan Kumar
<chandank.kumar@gmail.com<javascript:_e({},%20'cvml',%20'chandank.kumar@gmail.com');>>
Reply-To: "General discussion list for the 389 Directory server project."
<389-users@lists.fedoraproject.org<javascript:_e({},%20'cvml',%20'389-users@lists.fedoraproject.org');>>
Date: Thursday, December 13, 2012 11:50 AM
To: "General discussion list for the 389 Directory server project."
<389-users@lists.fedoraproject.org<javascript:_e({},%20'cvml',%20'389-users@lists.fedoraproject.org');>>
Subject: Re: [389-users] How to set up 389 client
Best guide will be the redhat manual or if you are looking for some how to then you can
follow below link.
http://blogatharva.blogspot.ca/2012/11/389-directory-server-installation-...
These are exact steps that I followed and worked with self signed certificates.
On Thursday, December 13, 2012, Chaudhari, Rohit K. wrote:
Hello everyone,
How do I set up a 389 LDAP client to authenticate users against a 389 LDAP server? I
don't have a trusted certificate authority (CA) but will create self-signed CA that
signs server certificates, and then put that self-signed CA as the trusted CA on the
client side. Is there anything more specific or a guide on how to set this up out there?
Thanks in advance.
Rohit
--
--
http://about.me/chandank
--
--
http://about.me/chandank