Prashanth Sundaram wrote:
Rich,
I went forward with manual SSL install. I still see the console showing ldap.foo.com:389 on the top tree level.
That's just for labeling. If you have restarted the directory server after configuring it to use TLS, you should see in the error log a message that it is listening on the TLS/SSL port. You should also be able to use netstat to see that it is listening to both the LDAP port (389) and the LDAPS port (636) (or whatever other port numbers you may have configured).
The “User DS” field in Admin server points to ldap.foo.com:636. I have set all the encryption via console. Am I missing something? When I issue ldapsearch -p 389, it returns ldap_sasl_interactive_bind_s: Unknown authentication method (-6) additional info: SASL(-4): no mechanism available:
/usr/bin/ldapsearch by default will attempt a SASL bind. You must use the -x argument to use simple bind.
When I issue ldapsearch -p 636, it asks for pass but hangs thereafter. I have imported 500 entries. Also my indexes don’t seem to work, when searched on console.
Why do you think your indexes are not working?
I used proper ldapsearch with all possible switches -x , -Z, -ZZ.
Note that -Z will require you to configure your ldapsearch client to use a CA cert - see man ldap.conf - search for TLS - you can also create/use ~/.ldaprc
After I enabled indexing on the directory level and ou levels, when I click on search with nothing on search bar, it returns the ou levels and not users. So I manually indexed individual users, they don't show up anyway.
I'm not sure what you mean by "index" in this context.
Thanks,
-- 389 users mailing list 389-users@redhat.com https://www.redhat.com/mailman/listinfo/fedora-directory-users
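
The checks suggested in the replies above (listeners on 389 and 636, simple bind with -x, a CA certificate for TLS), as an added shell example that is not part of the original thread. The base DN, the CA certificate path and the sample netstat lines are assumed placeholders; LDAPTLS_CACERT is the environment form of the TLS_CACERT option described in man ldap.conf.

```shell
#!/bin/sh
# Added example, not from the thread. Placeholders (assumptions):
LDAP_HOST="${LDAP_HOST:-ldap.foo.com}"
BASE_DN="${BASE_DN:-dc=foo,dc=com}"                  # assumed suffix
CA_CERT="${CA_CERT:-/etc/openldap/cacerts/ca.pem}"   # assumed CA cert path

# Constructed sample of `netstat -ltn`-style output, used only for offline checks.
SAMPLE_NETSTAT='tcp   0  0 0.0.0.0:22      0.0.0.0:*      LISTEN
tcp6  0  0 :::389          :::*           LISTEN
tcp6  0  0 :::636          :::*           LISTEN
tcp   0  0 10.0.0.5:51234  10.0.0.9:3269  ESTABLISHED'

# port_listening PORT: reads netstat/ss output on stdin and succeeds only if
# a socket in LISTEN state is bound to PORT (IPv4 or IPv6 notation).
port_listening() {
    awk -v port="$1" '
        /LISTEN/ {
            for (i = 1; i <= NF; i++) {
                n = split($i, parts, ":")
                if (n > 1 && parts[n] == port) found = 1
            }
        }
        END { exit !found }'
}

# Simple bind (-x) over LDAPS; the ldaps:// URI makes the client begin the
# TLS handshake immediately, which is what the 636 listener expects.
probe_ldaps() {
    LDAPTLS_CACERT="$CA_CERT" ldapsearch -x -H "ldaps://$LDAP_HOST:636" \
        -b "$BASE_DN" -s base '(objectClass=*)' dn
}

# StartTLS on the plain port; -ZZ aborts if TLS cannot be negotiated.
probe_starttls() {
    LDAPTLS_CACERT="$CA_CERT" ldapsearch -x -ZZ -H "ldap://$LDAP_HOST:389" \
        -b "$BASE_DN" -s base '(objectClass=*)' dn
}

run_checks() {
    for port in 389 636; do
        if netstat -ltn | port_listening "$port"; then
            echo "port $port: listening"
        else
            echo "port $port: NOT listening (check the errors log after restart)"
        fi
    done
    probe_ldaps && probe_starttls
}

# Live checks run only on request: RUN_CHECKS=1 sh this-script.sh
if [ "${RUN_CHECKS:-}" = 1 ]; then run_checks; fi
```

A certificate verification failure from either probe points at the client's CA configuration rather than at the server's listeners.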