Hi,

Something is amiss and I decided to rebuild from the start.

#
# LDAP Defaults
#

# See ldap.conf(5) for details
# This file should be world readable but not world writable.

#BASE dc=example,dc=com
#URI ldap://ldap.example.com ldap://ldap-master.example.com:666

#SIZELIMIT 12
#TIMELIMIT 15
#DEREF never

TLS_CACERTDIR /etc/openldap/cacerts

# Turning this off breaks GSSAPI used with krb5 when rdns = false
SASL_NOCANON on

#TLS_CACERT /etc/openldap/cacert.pem
#TLSCACertificateFile /etc/openldap/cacert.pem
#TLSCertificateFile /etc/openldap/server.crt
#TLSCertificateKeyFile /etc/openldap/private.key
ssl start_tls
TLS_REQCERT allow
BASE dc=joescompany,dc=com
URI ldap://127.0.0.1/

I start the ldap server and go to see if everything is ok.

ldapsearch -x -b '' -s base '(objectclass=*)' namingContexts
# extended LDIF
#
# LDAPv3
# base <> with scope baseObject
# filter: (objectclass=*)
# requesting: namingContexts
#

#
dn:
namingContexts: dc=joescompany,dc=com
namingContexts: dc=my-domain,dc=com

# search result
search: 2
result: 0 Success

# numResponses: 2
# numEntries: 1

Should that second line even be there? Where in the world is it getting my-domain from? Is it a default?

Thank you,
P.
