ldaps connection

Jan_N_ — Wed, 05 Aug 2015 15:57:09 GMT

Hi all

i would like to use mic checking users from ldap server.

this is what works:

root@serverX-mic0 ~]# cat /etc/ldap.conf 
URI ldap://192.168.1.12
BASE ou=domain1,ou=domain2,dc=domain3,dc=org
binddn    cn=micuser,ou=users,ou=domain1,ou=domain2,dc=domain3,dc=org
bindpw    password:)
bind_policy soft

but i need to use ssl or tls. Is it possible?

Next. In ldap database there are only user's public keys not passwords. Could mic use something to authenticate this users?

thanks

Jan

I've never used ldap on the

JJK — Thu, 06 Aug 2015 21:17:57 GMT

I've never used ldap on the Phi but to use ldaps I would try something like:

URI ldaps://192.168.1.12
ssl on
tls_cacertfile <full path to CA certificate used to sign certificate of ldaps server>

As for your 'next' question: I am not sure if this is possible, even on a regular Linux host.

LDAP authentication requires a username and a password, but an LDAP directory may also contain public keys - those can be used to populate the right authorized_keys files, so that users can log in using their ssh keys. I've never seen anyone do that in one go.

My advice would be to make it work on a regular host first, and then try to port that setup to the Phi.

topic I've never used ldap on the in Software Archive

ldaps connection

I've never used ldap on the