Linux Archive

Linux Archive (http://www.linux-archive.org/)
-   Fedora Directory (http://www.linux-archive.org/fedora-directory/)
-   -   Client failures (http://www.linux-archive.org/fedora-directory/389626-client-failures.html)

Steven Jones 06-22-2010 10:40 PM

Client failures
 
Hi

I have a 389 server working, with non-secure LDAP (port 389) ubuntu and RH5ws clients work fine....I have made self certificates and these seem OK on the client(s), yet once I kickoff ssl (636) logins dont work....For the RH5ws I have used authconfig-tui which automates the setup, its seems correct. Ubuntu it looks like I have to set it up manually...? cant find anything that that says otherwise.

So I appear to have a mis-config in the SSl or TLS part...

I have dug around and googled to no vail....so where do I start looking for issues? I cant see anything in the logs, (can they be set more verbose? would that help?)

regards

Steven




--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users

Steven Jones 06-22-2010 10:48 PM

Client failures
 
Hi,

>From the logs,

The first 2 Ips are the secure ones from RH5ws's (245.105 and 81.236), the last (53.103) is ubuntu in plain txt (port 389) mode....

There is a query from ubuntu as you can see and login to the client is successful, but not from the RH boxes....so why?

regards

Steven

[root@vuwunicooimm001 slapd-vuwunicooimm001]# tail -f access
[23/Jun/2010:10:43:27 +1200] conn=1490 fd=97 slot=97 SSL connection from 130.195.245.105 to 130.195.53.100
[23/Jun/2010:10:43:31 +1200] conn=1490 op=-1 fd=97 closed - B1
[23/Jun/2010:10:43:44 +1200] conn=1491 fd=97 slot=97 SSL connection from 130.195.81.236 to 130.195.53.100
[23/Jun/2010:10:43:47 +1200] conn=1491 op=-1 fd=97 closed - B1
[23/Jun/2010:10:44:16 +1200] conn=1492 fd=97 slot=97 connection from 130.195.245.103 to 130.195.53.100
[23/Jun/2010:10:44:16 +1200] conn=1492 op=0 BIND dn="" method=128 version=3
[23/Jun/2010:10:44:16 +1200] conn=1492 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn=""
[23/Jun/2010:10:44:16 +1200] conn=1492 op=1 SRCH base="dc=vuw,dc=ac,dc=nz" scope=2 filter="(uid=jonesst1)" attrs=ALL
[23/Jun/2010:10:44:16 +1200] conn=1492 op=1 RESULT err=0 tag=101 nentries=1 etime=0
[23/Jun/2010:10:44:16 +1200] conn=1492 op=2 BIND dn="uid=jonesst1,ou=People,dc=vuw,dc=ac,dc=nz" method=128 version=3
[23/Jun/2010:10:44:16 +1200] conn=1492 op=2 RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=jonesst1,ou=people,dc=vuw,dc=ac,dc=nz"
[23/Jun/2010:10:44:16 +1200] conn=1492 op=3 BIND dn="" method=128 version=3
[23/Jun/2010:10:44:16 +1200] conn=1492 op=3 RESULT err=0 tag=97 nentries=0 etime=0 dn=""
[23/Jun/2010:10:44:16 +1200] conn=1492 op=4 UNBIND
[23/Jun/2010:10:44:16 +1200] conn=1492 op=4 fd=97 closed - U1



=================================

-----Original Message-----
From: 389-users-bounces@lists.fedoraproject.org [mailto:389-users-bounces@lists.fedoraproject.org] On Behalf Of Steven Jones
Sent: Wednesday, 23 June 2010 10:41 a.m.
To: General discussion list for the 389 Directory server project.
Subject: [389-users] Client failures

Hi

I have a 389 server working, with non-secure LDAP (port 389) ubuntu and RH5ws clients work fine....I have made self certificates and these seem OK on the client(s), yet once I kickoff ssl (636) logins dont work....For the RH5ws I have used authconfig-tui which automates the setup, its seems correct. Ubuntu it looks like I have to set it up manually...? cant find anything that that says otherwise.

So I appear to have a mis-config in the SSl or TLS part...

I have dug around and googled to no vail....so where do I start looking for issues? I cant see anything in the logs, (can they be set more verbose? would that help?)

regards

Steven




--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users
--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users


All times are GMT. The time now is 05:31 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.