I figured this out. Found this in slapd's log: Feb 20 23:27:19 baneling slapd[22588]: conn=1058 op=0 BIND dn="" method=128 Feb 20 23:27:19 baneling slapd[22588]: conn=1058 op=0 RESULT tag=97 err=0 text= Feb 20 23:27:19 baneling slapd[22588]: conn=1058 op=1 SRCH base="ou=SUDOers,dc=harmonywave,dc=com" scope=2 deref=0 filter="(&(objectClass=sudoRole)(cn=defaults))" Feb 20 23:27:19 baneling slapd[22588]: conn=1058 op=1 SEARCH RESULT tag=101 err=13 nentries=0 text=TLS confidentiality required Feb 20 23:27:19 baneling slapd[22588]: conn=1058 op=2 SRCH base="ou=SUDOers,dc=harmonywave,dc=com" scope=2 deref=0 filter="(&(objectClass=sudoRole)(|(sudoUser=jschaeffer)(sudoUser=%jschaeffer)(sudoUser=%#5000)(sudoUser=%administrator)(sudoUser=%sftp-users)(sudoUser=%wheel)(sudoUser=%#4000)(sudoUser=%#4001)(sudoUser=%#4002)(sudoUser=ALL)))" Feb 20 23:27:19 baneling slapd[22588]: conn=1058 op=2 SEARCH RESULT tag=101 err=13 nentries=0 text=TLS confidentiality required Feb 20 23:27:19 baneling slapd[22588]: conn=1058 op=3 SRCH base="ou=SUDOers,dc=harmonywave,dc=com" scope=2 deref=0 filter="(&(objectClass=sudoRole)(sudoUser=*)(sudoUser=+*))" Feb 20 23:27:19 baneling slapd[22588]: conn=1058 op=3 SEARCH RESULT tag=101 err=13 nentries=0 text=TLS confidentiality required
I didn't have my /etc/ldap/ldap.conf file using start_tls so it wouldn't connect with TLS. I updated the URI parameter in the file to: URI ldap://baneling.harmonywave.com/????starttls And it works now. Thanks, Joshua
