Hi thanks for your help. After i've made a /etc/ldap/ldap.conf client(moodle) file with "TLS_REQCERT never" ,to disable SSL server certificate checking now also moodle is connecting with ldaps on 636 port. I haven't set up equality indexing on uid, because i've change the way a user authenticated with a username=e-mail address, and now i think to set up indexing on mail, memberUid and uidNumber.
Thanks againg fo your help. Frosina. 2011/11/30 David Hawes <[email protected]> > On 2011-11-30 12:04, Frosina Koceva wrote: > > Hi Marvin thanks for your help, i've upgrade cas like you told me to cas > > 3.4.11. and now the Single Sign Off is working.:D > > The thing that i notice is even i tried to configure in different ways > the > > cas and ldap plugins of drupal and moodle (and i think that they are > fine) > > it seems that i can't bind with ldaps from moodle: > > > > conn=1183 fd=27 ACCEPT from *IP=xxx.xxx.xx.109:50505 (IP=0.0.0.0:636)* > > > > slapd[1790]: conn=1183 fd=27 *TLS established* tls_ssf=128 ssf=128 > > > > slapd[1790]: conn=1183 op=0 BIND dn="cn=Sirma > > Koceva,ou=Studente,ou=moodleusers,dc=yyyy,dc=yy" method=128 > > > > slapd[1790]: conn=1183 op=0 BIND dn="cn=Sirma > > Koceva,ou=Studente,ou=moodleusers,dc=yyyy,dc=yy" mech=SIMPLE ssf=0 > > > > slapd[1790]: conn=1183 op=0 RESULT tag=97 err=0 text= > > > > slapd[1790]: conn=1183 op=1 UNBIND > > > > slapd[1790]: conn=1183 fd=27 closed > > > > slapd[1790]: conn=1184 fd=27 ACCEPT *from IP=xxx.xxx.xx.108:44106 > > (IP=0.0.0.0:389) * > > > > slapd[1790]: conn=1184 op=0 BIND dn="cn=yyyyy,dc=yyyy,dc=yy" method=128 > > > > slapd[1790]: conn=1184 op=0 BIND dn="cn=yyyyy,dc=yyyy,dc=yy" mech=SIMPLE > ssf=0 > > > > slapd[1790]: conn=1184 op=0 RESULT tag=97 err=0 text= > > > > slapd[1790]: conn=1184 op=1 SRCH base="ou=moodleusers,dc=yyyy,dc=yy" > > scope=2 deref=3 filter="(&(objectClass=posixAccount)(uid=skoceva))" > > > > slapd[1790]: conn=1184 op=1 SRCH attr=uid > > > > slapd[1790]: <= bdb_equality_candidates: (uid) not indexed > > > > slapd[1790]: conn=1184 op=1 SEARCH RESULT tag=101 err=0 nentries=1 text= > > > > slapd[1790]: conn=1184 op=2 SRCH base="cn=Sirma > > Koceva,ou=Studente,ou=moodleusers,dc=yyyy,dc=yy" scope=0 deref=3 > > filter="(objectClass=*)" > > > > slapd[1790]: conn=1184 op=2 SRCH attr=givenname sn mail l uidnumber uid > > > > slapd[1790]: conn=1184 op=2 SEARCH RESULT tag=101 err=0 nentries=1 text= > > > > slapd[1790]: conn=1184 op=3 UNBIND > > > > slapd[1790]: conn=1184 fd=27 closed > > But since my cas server , openLDAP server and drupal are on one VM and > the > > moodle site is on another VM but all of them are on the same physical > > machine, maybe however i'm not compromising the security of my system? > > You should check your moodle logs for errors. The above logs do not > show any errors. > > You should also think of setting up equality indexing on uid. > > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > -- Dr.ssa Koceva Frosina -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
