DebuggingOpenldap
Differences between revisions 2 and 3
|
Size: 3579
Comment:
|
Size: 3623
Comment:
|
| Deletions are marked like this. | Additions are marked like this. |
| Line 60: | Line 60: |
| ## StockReplyStart |
|
| Line 68: | Line 70: |
## StockReplyEnd |
This page is part of the debugging series — pages with debugging details for a variety of Ubuntu packages. |
Contents |
Introduction
Bugs relating to openldap typically fall into X categories:
- SSL connections not working.
How to file
SSL connections failure
If the system is unable to connect to an ldap server via an SSL connection:
Add the content of the following files (if they exists):
- /etc/ldap/ldap.conf
- ~/.ldaprc
- ~/ldaprc
Add the content of TLS_CACERT file (set in one of the files above).
Install the following packages: ldap-utils and gnutls-bin.
* Attach the output of the following command line:
$ ldapsearch -d 1 ...other options to connect to ldap-server-hostname...
Example:
$ ldapsearch -d 1 -b "dc=example,dc=com" -D "cn=admin,dc=example,dc=com" -x -w adminpassword -H ldaps://ldap.example.com/
Obfuscate all relevant information (such as password, dn)
* output of the following command line:
gnutls-cli --x509cafile TLS_CACERT -p 636 ldap-server-hostname
Example:
gnutls-cli --x509cafile /etc/ssl/certs/ca-certificates.crt -p 636 ldap.example.com
Debugging procedure
How to Triage
Stock Reply
SSL connections failure
Thank you for taking the time to report this bug and helping to make Ubuntu better. Unfortunately we can't fix it without more information. Please include the information requested at https://wiki.ubuntu.com/DebuggingOpenldap#ssl-client-failure
How to Forward
Known bugs
Non-bugs
DebuggingOpenldap (last edited 2010-07-13 20:35:08 by pool-71-252-251-234)