I just loaded openfiler 2.3 and this is still broken. If my ldap server
requires TLS, the openfiler scripts ignore the TLS flag set in the
authentication section and still try to talk to the LDAP server without TLS.
Jon Schewe wrote:
First bug is that if you have a dollar sign in your ldap password
openfiler doesn't properly escape it and the password sent is incorrect.
This is easy to work around, I just changed my password.
Second bug is a lot harder. I've setup my ldap server using openldap and
requiring TLS authentication. When I run from the command line
"ldapsearch -ZZ -x" I can see my ldap directory. However when I tell
openfiler to point at my ldap server and check the little TLS box and
then goto the account administration page I'm greeted with the error
below:
Please configure the LDAP section of the Authentication
<https://minnetonka.bbn.com:446/admin/index.html> page before attempting
to use this page.
Error message:
ldap_bind: Confidentiality required (13)
additional info: confidentiality required
I did some poking around and found that ldap.inc doesn't pay any
attention to the TLS flag. If I add the -ZZ to the commands in
ldap.incl, then the page works fine.
Attached is a patch that fixes this.
------------------------------------------------------------------------
_______________________________________________
Openfiler-users mailing list
[email protected]
https://lists.openfiler.com/mailman/listinfo/openfiler-users
--
Jon Schewe
Research Scientist
BBN Technologies
5775 Wayzata Blvd.
Suite 630
St. Louis Park, MN 55416
952-545-5720 - Office
952-545-5727 - Fax
www.bbn.com
_______________________________________________
Openfiler-users mailing list
[email protected]
https://lists.openfiler.com/mailman/listinfo/openfiler-users
