Using an ldaps://... URI works, so I'll just do that I guess. If there's a starttls way of doing this, that would be nice to know about, but at least I can create a secure connection.
-Ron-

2011-07-01_09:42:56-0400 Ron Peterson <[email protected]>:
> Hi,
>
> I have a rewrite map configured like:
>
> database ldap
> suffix "ou=myou"
> uri "ldap://my.backend/"
> tls start tls_cacertdir=/my/ca/cert/dir
> rwm-rewriteMap ldap uid2adminDN "ldap://my.backend/ou=yada,dc=yada?dn?sub"
> binddn="uid=someone,..." credentials="etc"
>
> My back end is configured to require tls, i.e.
>
> security ssf=128 update_ssf=128 simple_bind=128
>
> If I remove that requirement, everything works. When I add it, my back
> end ldap server logs:
>
> Jul 1 09:24:28 mid slapd[13011]: conn=1006 op=0 BIND dn="uid=someone,..."
> method=128
> Jul 1 09:24:28 mid slapd[13011]: conn=1006 op=0 RESULT tag=97 err=13
> text=confidentiality required
>
> How do I configure rwm-rewritemap to use tls?
>
> -Ron-
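Added example, not part of the original thread: a small log check for the back-end slapd log format quoted above. A simple bind (method=128) answered with err=13 means the bind DN and password had already been sent over an unprotected connection before the server refused it, so these pairs identify clients that still need an ldaps:// or StartTLS configuration. The function name and the conn=1007 lines are assumptions made for illustration.

```python
import re
from collections import defaultdict

# Constructed sample: the first two lines are the log entries quoted in the
# message (wrapped lines rejoined); conn=1007 is an invented successful bind.
SAMPLE_LOG = """\
Jul  1 09:24:28 mid slapd[13011]: conn=1006 op=0 BIND dn="uid=someone,..." method=128
Jul  1 09:24:28 mid slapd[13011]: conn=1006 op=0 RESULT tag=97 err=13 text=confidentiality required
Jul  1 09:25:02 mid slapd[13011]: conn=1007 op=1 BIND dn="uid=other,ou=myou" method=128
Jul  1 09:25:02 mid slapd[13011]: conn=1007 op=1 RESULT tag=97 err=0 text=
"""

BIND_RE = re.compile(r'conn=(\d+) op=(\d+) BIND dn="([^"]*)" method=(\d+)')
# tag=97 is the LDAP BindResponse; err=13 is confidentialityRequired.
RESULT_RE = re.compile(r'conn=(\d+) op=(\d+) RESULT tag=97 err=(\d+)')


def rejected_cleartext_binds(log_text):
    """Return {bind_dn: count} for simple binds rejected with err=13."""
    pending = {}              # (conn, op) -> DN of a simple bind awaiting its result
    hits = defaultdict(int)
    for line in log_text.splitlines():
        m = BIND_RE.search(line)
        if m:
            conn, op, dn, method = m.groups()
            if method == "128":          # 128 = simple (password) bind
                pending[(conn, op)] = dn
            continue
        m = RESULT_RE.search(line)
        if m:
            conn, op, err = m.groups()
            dn = pending.pop((conn, op), None)
            if dn is not None and err == "13":
                hits[dn] += 1
    return dict(hits)


if __name__ == "__main__":
    for dn, count in rejected_cleartext_binds(SAMPLE_LOG).items():
        print(f"{count} simple bind(s) without confidentiality for {dn}")
```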
