Security Basics mailing list archives

Issue with ldap over SSL


From: "Jennifer Fountain" <jfountain () rbinc com>
Date: Wed, 17 Mar 2004 14:05:51 -0500

I am currently trying to get AD authentication for Linux.  I have
everything working (login, groups, etc.) but I cannot get ldapssl working
correctly.

I am currently getting this in my logs:

nss_ldap: could not search LDAP server - Referral

And I keep getting a segmentation fault when I try to su - user or id -
etc.

Here is my config:


host x.x.x.x
#port 636

base dc=xxx,dc=com

ldap_version 3

binddn anonymous () xxx com

scope sub

ssl no
#ssl yes


pam_filter objectclass=user
pam_login_attribute sAMAccountName
pam_password ad



nss_base_passwd         ou=xx,dc=xxx,dc=com?one
nss_base_shadow         ou=xx,dc=xxx,dc=com?one
nss_base_group          ou=xx,dc=xxx,dc=com?one


nss_map_objectclass posixAccount User
nss_map_attribute uid sAMAccountName
nss_map_attribute uniqueMember Member
nss_map_attribute userPassword msSFUPassword
nss_map_attribute homeDirectory msSFUHomeDirectory
nss_map_objectclass posixGroup Group
nss_map_attribute cn sAMAccountName


My AD server is listening on port 636 and I can connect to it with the
ldp.exe tool on that port. I have Cert Services installed and I verified
the cert is in the personal and the trusted stores.  Does anyone have
any ideas on what I may be doing wrong?

Kind Regards,

Jennifer Fountain
3400 E. Walnut Street
Colmar, PA 18915
