Date: Tue, 27 Apr 2004 14:51:22 +0200
From: Francesco Gringoli <francesco.gringoli@ing.unibs.it>
To: ports@FreeBSD.org, eik@FreeBSD.org, freebsd-ports-bugs@FreeBSD.org
Subject: conflicts between slapd and nsswitch (SSL not working)
Message-ID: <9635BDFE-9849-11D8-B46A-000A95CD8008@ing.unibs.it>

Packages: openldap2(0,1)-server, nss-ldap

Hi all,

If slapd is configured to run as a user different than root (default config) and nsswitch is configured to search first in files and then in ldap and the ldap server specified for nsswitch is different than this, when slapd starts its SSL engine seems down: although slapd binds on port 636, traffic on this port is not SSL (try with openssl s_client and see that no certificate is returned during the handshake, really there is no handshake at all).

Note: slapd starts normally as the user specified in slapd.conf, it is possible to do search inside the ldap db, nss-ldap is ok and userid and gid are those defined in the ldap db, BUT the SSL engine is off.

Note: if the ldap server specified for nsswitch is the same, a time-out occurs, since the slapd calls getpwnam and the ldap module cannot obtain anything. In this case the SSL engine is OK.

Regards,
FG
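
The symptom reported above (port 636 accepts connections but no TLS handshake takes place) can be checked automatically, for example after each slapd restart. This is an added example, not part of the original message; `probe_tls`, `start_plaintext_listener` and the loopback listener that imitates the symptom are assumptions made for illustration.

```python
import socket
import ssl
import threading


def probe_tls(host, port, timeout=3.0):
    """Return ("tls", der_cert) if a TLS handshake completes on host:port,
    else ("no-tls", reason). Diagnostic only: the certificate is not validated."""
    ctx = ssl.create_default_context()
    ctx.check_hostname = False       # the probe asks "is TLS spoken at all?",
    ctx.verify_mode = ssl.CERT_NONE  # not "is the certificate trusted?"
    try:
        with socket.create_connection((host, port), timeout=timeout) as raw:
            with ctx.wrap_socket(raw, server_hostname=host) as tls:
                return "tls", tls.getpeercert(binary_form=True)
    except (ssl.SSLError, OSError) as exc:
        # SSLError: peer answered with non-TLS bytes or closed mid-handshake.
        # OSError: refused, reset or timed out before any handshake.
        return "no-tls", type(exc).__name__


def start_plaintext_listener():
    """Constructed stand-in for the reported symptom: a port that accepts
    connections but replies with non-TLS bytes. Returns the bound port."""
    srv = socket.socket()
    srv.bind(("127.0.0.1", 0))
    srv.listen(1)

    def serve():
        conn, _ = srv.accept()
        with conn:
            conn.recv(4096)                      # swallow the ClientHello
            conn.sendall(b"not a TLS record\n")  # plaintext reply
        srv.close()

    threading.Thread(target=serve, daemon=True).start()
    return srv.getsockname()[1]


if __name__ == "__main__":
    port = start_plaintext_listener()
    print(probe_tls("127.0.0.1", port))  # status is "no-tls" for this listener
```

Pointed at a real ldaps listener, a `"no-tls"` result on a port that still accepts connections matches the condition described in the message, where clients would otherwise be talking to port 636 without encryption.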