Package: libldap2
Version: 2.1.30-13.3
This version of libldap2 uses gnutls (libgnutls13) for secure
communications.
Using Debian's libnss-ldap (Version 251-7.5) and an authenticated secure
channel towards a Microsoft Active Directory LDAP server, certificates
verification was ok, data transfer was ok too, but we experienced hangs
at the end the transfer.
Transcript :
[EMAIL PROTECTED] getent passwd
root:x:0:0:root:/root:/bin/sh
user1:x:501:500:/home/user1:/bin/sh
...
user125:x:625:500:/home/user125:/bin/sh # This is our last LDAP user,
that's fine
<And then nothing happens. The request hangs forever.>
<Only way to exit: Ctrl-C or wait for ldap.conf's timelimit>
[EMAIL PROTECTED]
What we tried :
- Recompile libldap using openssl instead of gnutls
- Recompile libnss_ldap to point to our new libldap.
- Result : things worked fine.
our ldap.conf says (for the important sections) :
# ldap.conf
uri ldaps://our.server:636/
binddn someuserDN
bindpw someuserPW
ssl yes
tls_cacertdir /etc/ssl/cacerts/
tls_checkpeer yes
######
Regards,
Jerome.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
