Old 30-Jul-2009, 02:07 PM
Member
 
Join Date: Jul 2009
Posts: 31
lilott8 0 reputation points
Fedora Core 11 LDAP connectivity problems

So one day we wake up and there is no LDAP connectivity from our webserver to our LDAP server. It works one day, then nothing the next.

I have done several (thousand) DS traces to see if I can pinpoint the problem. Here are the results from several of the DS traces:

Using port 636 no TLS:
Code:
6124D1A0 FFFFFFFF -1 LDAP: Rejecting unencrypted bind on cleartext port in nds_back_bind, err = 13

Using port 389 not TLS:
Code:
7E7C5480 FFFFFFFF -1 LDAP: Rejecting unencrypted bind on cleartext port in nds_back_bind, err = 13
7E7C5480 FFFFFFFF -1 LDAP: Rejecting unencrypted bind on cleartext port in nds_back_bind, err = 13

Using port 636 WITH TLS forced for all operations:
Code:
7E7C5480 FFFFFFFF -1 LDAP: TLS accept failure 1 on connection 0x96a202a0, setting err = -5875. Error stack:
   error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca - SSL alert number 48
7E7C5480 FFFFFFFF -1 LDAP: TLS handshake failed on connection 0x96a202a0, err = -5875
7E7C5480 FFFFFFFF -1 LDAP: BIO ctrl called with unknown cmd 7

Using port 389 WITH TLS forced for all operations:
Code:
7E20A1E0 000080E6 105 Auth: 1 GlobalGetSEV.
7E20A1E0 000080E6 105 Auth: 4 GlobalGetSEV succeeded.
7E7C5480 FFFFFFFF -1 LDAP: TLS accept failure 1 on connection 0x96a202a0, setting err = -5875. Error stack:
   error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca - SSL alert number 48
7E7C5480 FFFFFFFF -1 LDAP: TLS handshake failed on connection 0x96a202a0, err = -5875
7E7C5480 FFFFFFFF -1 LDAP: BIO ctrl called with unknown cmd 7

Our eDirectory server is running Novell Netware 5.70.06[DS].
We are running eDirectory version 8.7.x

We have read something somewhere that had mentioned it being a certificate problem; we have verified that no certificate has expired and all are valid. Any information would prove incredibly useful.

Each time we try to authenticate, the webserver, for obvious reasons, throws an "ldap_bind() error". I have created a self-signed certificate for our webserver, but I haven't told it to use it, as that cert only applies to connections coming into that server. We are fairly certain the problem is with eDirectory, but we have not 100% verified it. We are still searching. Thanks.

Tags
certificate, ldap, tls
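
An added example, not part of the original post: a small Python parser that maps the two failure signatures in the traces above (LDAP err = 13 and SSL alert number 48) to their standard meanings. The function and table names are made up for this illustration, and the sample lines are copied from the traces in the post.

```python
import re

# Sample input: lines copied from the DS traces quoted in the post.
SAMPLE_TRACE = """\
7E7C5480 FFFFFFFF -1 LDAP: Rejecting unencrypted bind on cleartext port in nds_back_bind, err = 13
7E7C5480 FFFFFFFF -1 LDAP: TLS accept failure 1 on connection 0x96a202a0, setting err = -5875. Error stack:
   error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca - SSL alert number 48
7E7C5480 FFFFFFFF -1 LDAP: TLS handshake failed on connection 0x96a202a0, err = -5875
"""

# Standard code points only: LDAP result codes (RFC 4511), TLS alerts (RFC 5246).
LDAP_RESULT = {13: "confidentialityRequired: server refuses a cleartext bind"}
TLS_ALERT = {
    42: "bad_certificate",
    45: "certificate_expired",
    48: "unknown_ca: sender has no trusted CA for the peer's certificate chain",
}

BIND_RE = re.compile(r"LDAP: Rejecting unencrypted bind .*err = (\d+)")
ALERT_RE = re.compile(r"SSL routines:(\w+):.*SSL alert number (\d+)")

def classify(trace):
    """Return a list of (kind, code, meaning) for recognised trace lines."""
    findings = []
    for line in trace.splitlines():
        m = BIND_RE.search(line)
        if m:
            code = int(m.group(1))
            findings.append(("ldap_result", code, LDAP_RESULT.get(code, "unmapped")))
            continue
        m = ALERT_RE.search(line)
        if m:
            func, code = m.group(1), int(m.group(2))
            # An alert logged from a *_READ_BYTES function was received from
            # the peer, so here the LDAP client rejected the server's chain.
            origin = "sent by peer" if func.endswith("READ_BYTES") else "origin unclear"
            meaning = TLS_ALERT.get(code, "unmapped")
            findings.append(("tls_alert", code, f"{meaning} ({origin})"))
    return findings

if __name__ == "__main__":
    for kind, code, meaning in classify(SAMPLE_TRACE):
        print(f"{kind:12} {code:>3}  {meaning}")
```

Because alert 48 is read by the server rather than sent by it, the check this points to is whether the CA certificate trusted by the LDAP client on the webserver matches the issuer of the certificate the LDAP server presents.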

© 2007 Novell, Inc. All Rights Reserved.