slap_client_connect: URI=ldaps://ldap1.yahweh.net DN="uid=syncuser,cn=special,o=yahweh" ldap_sasl_bind_s failed (-1)
The first thing to do whenever you run into problems is to set an appropriate log level.
Add this to slapd.conf:
loglevel stats args trace sync
Restart slapd and watch the logs. Slapd writes its logs to the local4 syslog facility:
/usr/sbin/slapd2.4 -u ldap -g ldap -l LOCAL4 -s 0 -h ldap:/// ldaps:///
# added by openldap2.4-2.4.22 rpm Tue May 18 15:41:20 PDT 2010
local4.* -/var/log/ldap2.4/ldap.log
May 19 11:38:03 ldap1 slapd2.4[4671]: connection_read(13): checking for input on id=1003
May 19 11:38:03 ldap1 slapd2.4[4671]: connection_read(13): unable to get TLS client DN, error=49 id=1003
Ignore the "unable to get TLS client" part. Instead, make sure your client does not check the server cert:
TLS_REQCERT = never
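TLS_REQCERT never turns off verification of the provider's certificate. The fragment below is an added example, not from the original post, showing the same consumer with verification kept on. It assumes the failing client is a syncrepl consumer configured in slapd.conf; the rid, searchbase, retry value, CA file path and credentials are placeholders, while the provider URI and bind DN are the ones in the error line above.

```conf
# Weak variant (what "do not check the server cert" looks like in a
# syncrepl directive). Shown commented out for comparison only.
#
# syncrepl rid=001
#   provider=ldaps://ldap1.yahweh.net
#   type=refreshAndPersist
#   retry="60 +"
#   searchbase="o=yahweh"
#   bindmethod=simple
#   binddn="uid=syncuser,cn=special,o=yahweh"
#   credentials=REPLACE_ME
#   tls_reqcert=never

# Verifying variant. tls_cacert points at the CA certificate that signed
# the provider's server certificate (placeholder path). With
# tls_reqcert=demand the connection is refused unless the chain validates
# and the host name in the provider URI matches the certificate.
syncrepl rid=001
  provider=ldaps://ldap1.yahweh.net
  type=refreshAndPersist
  retry="60 +"
  searchbase="o=yahweh"
  bindmethod=simple
  binddn="uid=syncuser,cn=special,o=yahweh"
  credentials=REPLACE_ME
  tls_cacert=/path/to/provider-ca.pem
  tls_reqcert=demand
```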