Mailinglist Archive: opensuse (1690 mails)

< Previous Next >
Re: [opensuse] Re: Is ldap TLS working?
On 11/01/2011 03:46 PM, Joachim Schrod wrote:
lynn wrote:

1. What is the correct way of doing this?
This is up to others to answer; I don't use YaST.
I tried from the command line too using Debian and got as far as a server client authentication. After trying the CA certificate setup and the samba.schema integration after that I gave up :( With Yast, CA certificates, Samba and TLS are only a few clicks away.

2. Does this confirm that TLS is working? (all this just for one login?)
[...]
Oct 29 15:14:02 hh1 slapd[1798]: conn=1084 fd=34 TLS established tls_ssf=256
ssf=256
Yes, it's working.

And yes, all that for one login.
You should do an ls -l on a directory with files owned by many
acccounts, too.

That's why it's good practice to use nscd with LDAP authentication.
And maybe turn down LDAP logging, after one has confirmed that it
works.

Joachim
Thanks so much for this confirmation. I've now got the nscd started so I'm sure that that will lower the log messages.

L x




--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse+owner@xxxxxxxxxxxx

< Previous Next >
References