Hi, Given : SLES 11 SP1 LDAP Server - auth via SSL is not working SSL & and start_TSL command is not working.
The funny thing. If created via yast / network services / LDAP server - everything works fine.
In case somebody could share a working XML file for a ldap server .....
Tia Hajo
P.S My LDAP Server XML file looks like. ( Created via yast autoinstallation , schema entries have been changed )
$ cat ldap_server.xml
<?xml version="1.0"?>
<!DOCTYPE profile>
<!-- AutoYaST profile fragment that configures an OpenLDAP server: listeners,
     one bdb database with its access rules and indexes, global TLS settings,
     and the schema files to load. -->
<profile xmlns="http://www.suse.com/1.0/yast2ns" xmlns:config="http://www.suse.com/1.0/configns">
  <deploy_image>
    <image_installation config:type="boolean">false</image_installation>
  </deploy_image>
  <ldap-server>
    <daemon>
      <!-- Three listeners are requested: plain LDAP (where StartTLS would be
           negotiated), the local ldapi socket, and ldaps (TLS from the first
           byte). Both TLS paths depend on the certificate and key configured
           in <tlsconfig> below. -->
      <listeners config:type="list">
        <listentry>ldap</listentry>
        <listentry>ldapi</listentry>
        <listentry>ldaps</listentry>
      </listeners>
      <serviceEnabled config:type="boolean">true</serviceEnabled>
      <slp config:type="boolean">false</slp>
    </daemon>
    <databases config:type="list">
      <listentry>
        <!-- Access rules, listed from specific attributes down to a catch-all.
             NOTE(review): presumably evaluated first-match in this order, as
             OpenLDAP ACLs are; confirm against the YaST module. -->
        <access config:type="list">
          <listentry>
            <!-- userPassword: the entry's owner may write it; everyone else
                 gets "auth" only. -->
            <access config:type="list">
              <listentry>
                <control></control>
                <level>write</level>
                <type>self</type>
                <value></value>
              </listentry>
              <listentry>
                <control></control>
                <level>auth</level>
                <type>*</type>
                <value></value>
              </listentry>
            </access>
            <target>
              <attrs>userPassword</attrs>
            </target>
          </listentry>
          <listentry>
            <!-- shadowLastChange: owner may write, everyone else may read. -->
            <access config:type="list">
              <listentry>
                <control></control>
                <level>write</level>
                <type>self</type>
                <value></value>
              </listentry>
              <listentry>
                <control></control>
                <level>read</level>
                <type>*</type>
                <value></value>
              </listentry>
            </access>
            <target>
              <attrs>shadowLastChange</attrs>
            </target>
          </listentry>
          <listentry>
            <!-- userPKCS12: owner may read, everyone else gets no access. -->
            <access config:type="list">
              <listentry>
                <control></control>
                <level>read</level>
                <type>self</type>
                <value></value>
              </listentry>
              <listentry>
                <control></control>
                <level>none</level>
                <type>*</type>
                <value></value>
              </listentry>
            </access>
            <target>
              <attrs>userPKCS12</attrs>
            </target>
          </listentry>
          <listentry>
            <!-- Catch-all rule (empty target): "*" gets read on everything not
                 matched above.
                 NOTE(review): if "*" maps to OpenLDAP's "by *", this includes
                 anonymous binds; confirm that directory-wide anonymous read is
                 intended. -->
            <access config:type="list">
              <listentry>
                <control></control>
                <level>read</level>
                <type>*</type>
                <value></value>
              </listentry>
            </access>
            <target/>
          </listentry>
        </access>
        <!-- NOTE(review): presumably the bdb checkpoint pair (kilobytes written,
             minutes elapsed); confirm. -->
        <checkpoint config:type="list">
          <listentry>1024</listentry>
          <listentry>5</listentry>
        </checkpoint>
        <directory>/var/lib/ldap</directory>
        <entrycache>10000</entrycache>
        <idlcache>30000</idlcache>
        <!-- Per-attribute index selection; the values suggest eq = equality index
             and sub = substring index, with 1 meaning enabled. -->
        <indexes>
          <cn>
            <eq>1</eq>
            <sub>1</sub>
          </cn>
          <displayName>
            <eq>1</eq>
            <sub>1</sub>
          </displayName>
          <gidNumber>
            <eq>1</eq>
          </gidNumber>
          <givenName>
            <eq>1</eq>
            <sub>1</sub>
          </givenName>
          <mail>
            <eq>1</eq>
          </mail>
          <member>
            <eq>1</eq>
          </member>
          <memberUid>
            <eq>1</eq>
          </memberUid>
          <objectclass>
            <eq>1</eq>
          </objectclass>
          <sn>
            <eq>1</eq>
            <sub>1</sub>
          </sn>
          <uid>
            <eq>1</eq>
            <sub>1</sub>
          </uid>
          <uidNumber>
            <eq>1</eq>
          </uidNumber>
        </indexes>
        <!-- NOTE(review): the rootdn (cn=Administrator,dc=int) is not located
             under the database suffix (dc=tce,dc=eumetsat,dc=int). OpenLDAP
             appears to accept a rootpw only when the rootdn lies under the
             suffix; verify, and align the two if so. -->
        <rootdn>cn=Administrator,dc=int</rootdn>
        <!-- rootpw is empty as posted (possibly blanked for the mailing list).
             When filling it in, use a hashed value rather than cleartext, since
             autoinstallation profiles tend to be stored and served widely. -->
        <rootpw></rootpw>
        <suffix>dc=tce,dc=eumetsat,dc=int</suffix>
        <type>bdb</type>
      </listentry>
    </databases>
    <globals>
      <allow config:type="list"/>
      <disallow config:type="list"/>
      <!-- Logging is set to "none", so TLS handshake or certificate load errors
           will not show up in the server log while troubleshooting. -->
      <loglevel config:type="list">
        <listentry>none</listentry>
      </loglevel>
      <!-- TLS material for ldaps and StartTLS.
           NOTE(review): <certKeyFile> appears twice below, first with
           /etc/openldap/ldap.key and then empty. If the profile reader keeps
           the last value, the server ends up with no private key path, which
           would leave TLS unusable and is a candidate cause of the reported
           failure; confirm and drop the empty duplicate.
           The key file must be readable by the account slapd runs as and by
           no other unprivileged user. -->
      <tlsconfig>
        <caCertFile>/etc/openldap/CAcert.pem</caCertFile>
        <certFile>/etc/openldap/ldap.cer</certFile>
        <certKeyFile>/etc/openldap/ldap.key</certKeyFile>
        <caCertDir></caCertDir>
        <certKeyFile></certKeyFile>
        <!-- NOTE(review): presumably 0 = no CRL checking and no client
             certificate verification; confirm against the YaST ldap-server
             schema. -->
        <crlCheck>0</crlCheck>
        <verifyClient>0</verifyClient>
      </tlsconfig>
    </globals>
    <!-- Schema files to load. The poster states these entries were edited by
         hand: rfc2307bis and yast are commented out, nis.schema is used. -->
    <schema config:type="list">
      <listentry>
        <includeldif>/etc/openldap/schema/core.ldif</includeldif>
      </listentry>
      <listentry>
        <includeldif>/etc/openldap/schema/cosine.ldif</includeldif>
      </listentry>
      <listentry>
        <includeldif>/etc/openldap/schema/inetorgperson.ldif</includeldif>
      </listentry>
      <listentry>
        <!-- <includeschema>/etc/openldap/schema/rfc2307bis.schema</includeschema> -->
        <includeschema>/etc/openldap/schema/nis.schema</includeschema>
      </listentry>
      <!-- NOTE(review): the next list item holds only a comment, so it is an
           empty entry; confirm the importer tolerates that or remove the item. -->
      <listentry>
        <!-- <includeschema>/etc/openldap/schema/yast.schema</includeschema> -->
      </listentry>
    </schema>
  </ldap-server>
</profile>
-- To unsubscribe, e-mail: opensuse-autoinstall+unsubscribe@opensuse.org To contact the owner, e-mail: 
opensuse-autoinstall+owner@opensuse.org