Discussion:
SSL authentication to Active Directory via OpenLDAP client
Ashwin Kumar
2013-11-21 14:16:16 UTC
I have set up Active Directory to serve requests over SSL (ldaps://). Also,
I have generated the certificate files on Windows 2008 server.

(I have copied the self-signed certificate to test.cer)

I have downloaded the test.cer file to my Linux machine to use it with the OpenLDAP
client.

The .cer file is present in /etc/openldap/certs directory and the content
of ldap.conf file is

TLS_CACERTDIR /etc/openldap/certs

However, when I issue an ldapsearch on the Active Directory I end up with
the following error:

ldapsearch -x -H ldaps://192.168.1.84:636 -D CN=Administrator,CN=Users,DC=test,DC=ldap,DC=com -b CN=Administrator,CN=Users,DC=test,DC=ldap,DC=com -w Admin123

ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1)

My question:
1) Is this how I use my *.cer file?
2) How do I convert it to a proper file recognized by OpenLDAP clients?
3) What am I missing? (Very new to LDAP and Active Directory)
4) Any useful resource or documentation to get ldaps working?

Thanks.

--
Ashwin kumar
(http://ashwinkumar.me)
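An added example, not part of the original post, showing the checks I would run before blaming ldapsearch: tell a DER-encoded Windows export apart from a PEM one, write the PEM copy an OpenSSL-linked OpenLDAP client expects, and verify the chain the server presents independently of ldapsearch, whose "Can't contact LDAP server (-1)" hides the underlying TLS failure. It assumes the post's paths and address (/etc/openldap/certs/test.cer, 192.168.1.84:636), a shell with openssl and c_rehash installed, and an OpenLDAP build linked against OpenSSL (GnuTLS and NSS builds treat TLS_CACERTDIR differently).

```shell
#!/bin/sh
# Example code, not from the original post. Assumes openssl/c_rehash are
# installed and OpenLDAP is linked against OpenSSL.

# Report whether a certificate file is DER (binary; first byte is the ASN.1
# SEQUENCE tag 0x30) or PEM (Base64 between BEGIN/END lines). A Windows
# "DER encoded binary X.509" export is DER; "Base-64 encoded X.509" is PEM.
cert_format() {
    if head -c 10 "$1" | grep -q -- '-----BEGIN'; then
        echo pem
    elif [ "$(head -c 1 "$1" | od -An -tx1 | tr -d ' \n')" = "30" ]; then
        echo der
    else
        echo unknown
    fi
}

# Write a PEM copy: an OpenSSL-linked OpenLDAP client reads only PEM CA files.
to_pem() {
    case "$(cert_format "$1")" in
        pem) cp "$1" "$2" ;;
        der) openssl x509 -inform DER -in "$1" -out "$2" ;;
        *)   echo "not a certificate: $1" >&2; return 1 ;;
    esac
}

# TLS_CACERTDIR is searched through OpenSSL's hashed-name lookup
# (<subject_hash>.0 links), so a bare test.cer dropped there is never found.
# Either rehash the directory or point TLS_CACERT at the one PEM file.
install_ca() {
    to_pem "$1" "$2/test.pem" || return 1
    c_rehash "$2" >/dev/null 2>&1
    echo "TLS_CACERT $2/test.pem"      # append this line to ldap.conf
}

# Check the chain the server actually presents against the CA file.
# "Verify return code: 0 (ok)" means trust is fine; any other code is the
# error ldapsearch only reveals with -d 1.
verify_server() {
    openssl s_client -connect "$1" -CAfile "$2" </dev/null 2>/dev/null \
        | grep 'Verify return code'
}

# Usage:
#   install_ca /etc/openldap/certs/test.cer /etc/openldap/certs >> /etc/openldap/ldap.conf
#   verify_server 192.168.1.84:636 /etc/openldap/certs/test.pem
#   ldapsearch -d 1 -x -H ldaps://192.168.1.84:636 ...
```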
