Mailinglist Archive: opensuse (1690 mails)
| < Previous | Next > |
Re: [opensuse] Re: Is ldap TLS working?
- From: lynn <lynn@xxxxxxxxxxxx>
- Date: Tue, 01 Nov 2011 21:30:33 +0100
- Message-id: <4EB056E9.2040108@steve-ss.com>
On 11/01/2011 03:46 PM, Joachim Schrod wrote:
L x
--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse+owner@xxxxxxxxxxxx
lynn wrote:I tried from the command line too using Debian and got as far as a server client authentication. After trying the CA certificate setup and the samba.schema integration after that I gave up :( With Yast, CA certificates, Samba and TLS are only a few clicks away.
1. What is the correct way of doing this?This is up to others to answer; I don't use YaST.
Thanks so much for this confirmation. I've now got the nscd started so I'm sure that that will lower the log messages.
2. Does this confirm that TLS is working? (all this just for one login?)Yes, it's working.
[...]
Oct 29 15:14:02 hh1 slapd[1798]: conn=1084 fd=34 TLS established tls_ssf=256
ssf=256
And yes, all that for one login.
You should do an ls -l on a directory with files owned by many
acccounts, too.
That's why it's good practice to use nscd with LDAP authentication.
And maybe turn down LDAP logging, after one has confirmed that it
works.
Joachim
L x
--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse+owner@xxxxxxxxxxxx
| < Previous | Next > |