Yes, I'd rather do that, but I'm trying to authenticate a Java web application using the Glassfish application server. Glassfish has LDAP authentication built in, I'd have to write a Kerberos login module myself.
Dan On Thu, Sep 15, 2011 at 03:28, Ondrej Valousek <ondr...@s3group.cz> wrote: > I would recommend using Kerberos for authentication, i.e. parameter "-Y > GSSAPI". That always worked for me... > > > On 09/14/2011 08:59 PM, Dan Scott wrote: > > Hi, > > I'm trying to perform an authenticated LDAP search against a FreeIPA > server (Fedora 15, freeipa-server-2.1.0-1.fc15.x86_64). > > When I run: > > [root@kelvin ~]# ldapsearch -D > "uid=guser,cn=users,cn=accounts,dc=example,dc=com" -w 'guserpassword' > -b "cn=accounts,dc=example,dc=com" -h kelvin.example.com -v > "uid=guser" -ZZ -c -d1 > > I receive the following error: > > ldap_start_tls: Connect error (-11) > additional info: TLS error -8172:Unknown code ___f 20 > > Full details shown in attachment. > > Can anyone help me figure out what I'm doing wrong? > > Thanks, > > Dan Scott > http://danieljamesscott.org > > _______________________________________________ > Freeipa-users mailing list > Freeipaemail@example.com > https://www.redhat.com/mailman/listinfo/freeipa-users > > ________________________________ > The information contained in this e-mail and in any attachments is > confidential and is designated solely for the attention of the intended > recipient(s). If you are not an intended recipient, you must not use, > disclose, copy, distribute or retain this e-mail or any part thereof. If you > have received this e-mail in error, please notify the sender by return > e-mail and delete all copies of this e-mail from your computer system(s). > Please direct any additional queries to: communicati...@s3group.com. Thank > You. Silicon and Software Systems Limited (S3 Group). Registered in Ireland > no. 378073. Registered Office: South County Business Park, Leopardstown, > Dublin 18 > ________________________________ > > _______________________________________________ > Freeipa-users mailing list > Freeipafirstname.lastname@example.org > https://www.redhat.com/mailman/listinfo/freeipa-users > _______________________________________________ Freeipa-users mailing list Freeipaemail@example.com https://www.redhat.com/mailman/listinfo/freeipa-users