I have created two sync agreement in FDS. I've got an error message with the one using ssl : "LDAP error: Can't contact LDAP server. Error Code 81.
The second sync agreement without ssl works.
*
I think this error should come from a certificate that I've create.
To create my certificate on Fedora*I've used the second*script from the fds wiki.
*
I want to know another thing : I*selected a single master in the replica role column. If I choose multiple master, will the sync happen from both side : ad and fds ?
*
ps : escuse me for my bad english.
*
*
Avec une webcam et Messenger partagez vos émotions en vidéo ! Téléchargez gratuitement !
--
Fedora-directory-users mailing list
Fedora-directory-users@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-directory-users
09-01-2008, 01:10 PM
steve nguyen
LDAP Error with sync agreement using ssl
Hi everybody,
*
I have created two sync agreement in FDS. I've got an error message with the one using ssl : "LDAP error: Can't contact LDAP server. Error Code 81.
The second sync agreement without ssl works.
*
I think this error should come from a certificate that I've create.
To create my certificate on Fedora*I've used the second*script from the fds wiki.
*
I want to know another thing : I*selected a single master in the replica role column. If I choose multiple master, will the sync happen from both side : ad and fds ?
*
ps : escuse me for my bad english.
*
*
Votre correspondant a choisi Hotmail et profite d'un stockage quasiment illimité. Créez un compte Hotmail gratuitement !
--
Fedora-directory-users mailing list
Fedora-directory-users@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-directory-users
09-02-2008, 01:06 PM
"Groot, Mathijs de (IDT Competence Java)"
LDAP Error with sync agreement using ssl
Hi,
Â*
I have / had the same problem.
The first question is, what architecture are you running, a
32bit of 64bits version?
Â*
Im working with a Red Hat Directory Server, Ive set up the SSL
and the certificates for a few times now on 64bit RHEL servers, but it is just
not working
I’m working on it with the Red Hat Support team but haven’t got
the solution yet.
Â*
Ive set up a couple of 32bits servers and they are working fine
with the windows synchronization over SSL.
Â*
If more people have it same problem (32bits vs 64bits SSL Sync),
I would like to hear from it.
And if you are running a 64bits Red Hat Enterprise 5 server and
the Windows Sync over SSL is working fine, I would like to know what version
you are running.
Â*
Best regards,
Â*
Mathijs de Groot Â*Â*
Â*
From:
fedora-directory-users-bounces@redhat.com
[mailto:fedora-directory-users-bounces@redhat.com] On Behalf Of steve
nguyen
Sent: maandag 1 september 2008 11:10
To: fedora-directory-users@redhat.com
Subject: [Fedora-directory-users] LDAP Error with sync agreement using
ssl
Â*
Hi everybody,
Â*
I have created two sync agreement in FDS. I've got an error message with the
one using ssl : "LDAP error: Can't contact LDAP server. Error Code 81.
The second sync agreement without ssl works.
Â*
I think this error should come from a certificate that I've create.
To create my certificate on FedoraÂ*I've used the secondÂ*script from
the fds wiki.
Â*
I want to know another thing : IÂ*selected a single master in the replica
role column. If I choose multiple master, will the sync happen from both side :
ad and fds ?
This e-mail and any attachment is for authorised use by the intended recipient(s) only. It may contain proprietary material, confidential information and/or be subject to legal privilege. It should not be copied, disclosed to, retained or used by, any other party. If you are not an intended recipient then please promptly delete this e-mail and any attachment and all copies and inform the sender. Thank you.
--
Fedora-directory-users mailing list
Fedora-directory-users@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-directory-users
09-02-2008, 01:34 PM
steve nguyen
LDAP Error with sync agreement using ssl
Hi,
Â*
I'm using a 32 bit version
Â*
thanks
Subject: RE: [Fedora-directory-users] LDAP Error with sync agreement using ssl
Date: Tue, 2 Sep 2008 15:06:29 +0200
From: math.de.groot@logica.com
To: fedora-directory-users@redhat.com
Hi,
Â*
I have / had the same problem.
The first question is, what architecture are you running, a 32bit of 64bits version?
Â*
Im working with a Red Hat Directory Server, Ive set up the SSL and the certificates for a few times now on 64bit RHEL servers, but it is just not working
I’m working on it with the Red Hat Support team but haven’t got the solution yet.
Â*
Ive set up a couple of 32bits servers and they are working fine with the windows synchronization over SSL.
Â*
If more people have it same problem (32bits vs 64bits SSL Sync), I would like to hear from it.
And if you are running a 64bits Red Hat Enterprise 5 server and the Windows Sync over SSL is working fine, I would like to know what version you are running.
I have created two sync agreement in FDS. I've got an error message
with the one using ssl : "LDAP error: Can't contact LDAP server. Error
Code 81.
You'll have to provide more information, like the CA that issued your AD
server cert, and other messages in the DS error log.
The second sync agreement without ssl works.
I think this error should come from a certificate that I've create.
To create my certificate on Fedora I've used the second script from
the fds wiki.
I want to know another thing : I selected a single master in the
replica role column. If I choose multiple master, will the sync happen
from both side : ad and fds ?
The setting for single vs. multiple master is not applicable with
Windows Sync - it shouldn't matter as long as the DS side is a master.
Windows sync is always 2 way.
ps : escuse me for my bad english.
------------------------------------------------------------------------
Avec une webcam et Messenger partagez vos émotions en vidéo !
Téléchargez gratuitement ! <http://www.windowslive.fr/messenger/>
--
Fedora-directory-users mailing list
Fedora-directory-users@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-directory-users
--
Fedora-directory-users mailing list
Fedora-directory-users@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-directory-users
09-02-2008, 03:25 PM
Rich Megginson
LDAP Error with sync agreement using ssl
Groot, Mathijs de (IDT Competence Java) wrote:
Hi,
I have / had the same problem.
The first question is, what architecture are you running, a 32bit of
64bits version?
Windows Sync does not support 64-bit Windows - it should work fine on
64-bit RHEL/Fedora.
Im working with a Red Hat Directory Server, Ive set up the SSL and the
certificates for a few times now on 64bit RHEL servers, but it is just
not working
I’m working on it with the Red Hat Support team but haven’t got the
solution yet.
Ive set up a couple of 32bits servers and they are working fine with
the windows synchronization over SSL.
I'm not sure why it would make a difference - 32-bit should work the
same as 64-bit.
If more people have it same problem (32bits vs 64bits SSL Sync), I
would like to hear from it.
And if you are running a 64bits Red Hat Enterprise 5 server and the
Windows Sync over SSL is working fine, I would like to know what
version you are running.
Best regards,
Mathijs de Groot
*From:* fedora-directory-users-bounces@redhat.com
[mailto:fedora-directory-users-bounces@redhat.com] *On Behalf Of
*steve nguyen
*Sent:* maandag 1 september 2008 11:10
*To:* fedora-directory-users@redhat.com
*Subject:* [Fedora-directory-users] LDAP Error with sync agreement
using ssl
Hi everybody,
I have created two sync agreement in FDS. I've got an error message
with the one using ssl : "LDAP error: Can't contact LDAP server. Error
Code 81.
The second sync agreement without ssl works.
I think this error should come from a certificate that I've create.
To create my certificate on Fedora I've used the second script from
the fds wiki.
I want to know another thing : I selected a single master in the
replica role column. If I choose multiple master, will the sync happen
from both side : ad and fds ?
This e-mail and any attachment is for authorised use by the intended
recipient(s) only. It may contain proprietary material, confidential
information and/or be subject to legal privilege. It should not be
copied, disclosed to, retained or used by, any other party. If you are
not an intended recipient then please promptly delete this e-mail and
any attachment and all copies and inform the sender. Thank you.
In AD, I set up SSL using IIS because I had some troubles usiing certreq
I enter this url /certsrv">http://<servername>/certsrvÂ*in my browser and I ask for a user certificate.
Â*
And I import it in the Trusted Root CA.
Â*
Â*
After the passync installation in Windows 2003 Server :
Â*
I enter this commands : certutil.exe -d . -N
Â*
I export my certs from FDS by doing this :Â* pk12util -d . -o dscert.p12 -n Server-Cert
Â*
In 2003 Server IÂ*put the FDS cert in the passync installation folder and I export : pk12util.exe -d "C:Program FilesRed Hat Directory Password Synchronization" –i dscert.p12
Â*
And I give the trusted peer status : certutil.exe -d "C:Program FilesRed Hat Directory Password Synchronization" –M -n Server-Cert -t "P,P,P"
Â*
I also doÂ*the same for the cascert certÂ*but I give this attributes trustÂ*attributes "CT,CT,CT" because it was mention in the FDS wiki.
Â*
That's all I do to set up SSL
Â*
Did you see what I did wrong ?
Â*
Thanks
Â*
Â*
Â*
-------------------------------------------------------------------------------------------------------------------------
> Date: Tue, 2 Sep 2008 09:24:19 -0600
> From: rmeggins@redhat.com
> To: fedora-directory-users@redhat.com
> Subject: Re: [Fedora-directory-users] LDAP Error with sync agreement using ssl
>
> steve nguyen wrote:
> > Hi everybody,
> >
> > I have created two sync agreement in FDS. I've got an error message
> > with the one using ssl : "LDAP error: Can't contact LDAP server. Error
> > Code 81.
> You'll have to provide more information, like the CA that issued your AD
> server cert, and other messages in the DS error log.
> > The second sync agreement without ssl works.
> >
> > I think this error should come from a certificate that I've create.
> > To create my certificate on Fedora I've used the second script from
> > the fds wiki.
> >
> > I want to know another thing : I selected a single master in the
> > replica role column. If I choose multiple master, will the sync happen
> > from both side : ad and fds ?
> The setting for single vs. multiple master is not applicable with
> Windows Sync - it shouldn't matter as long as the DS side is a master.
> Windows sync is always 2 way.
> >
> > ps : escuse me for my bad english.
LDAP Error with sync agreement using ssl
