Ldap_start_tls Operations Error 1
line options and/or ldap.conf(5)) has requested TLS (SSL) be started twice. For instance, when specifying both "-H ldaps://server.do.main" and "-ZZ".

This document is: http://www.openldap.org/faq/index.cgi?file=1063
© Copyright 1998-2013, OpenLDAP Foundation, info@OpenLDAP.org
causes of LDAP errors

C.1.1. ldap_*: Can't contact LDAP server

The Can't contact LDAP server error is usually returned when the LDAP server cannot be contacted. This may occur for many reasons: the LDAP server is not running; this can be checked by running, for example, telnet
http://php.net/manual/en/function.ldap-start-tls.php

ldap_start_tls (PHP 4 >= 4.2.0, PHP 5, PHP 7)
ldap_start_tls — Start TLS

Description

bool ldap_start_tls

http://www.gossamer-threads.com/lists/exim/users/4620
Post #1 of 5
LDAP over TLS failing to bind/lookup.

    Initialized connection with LDAP server ldap.mydomain.com:636
    LDAP_OPT_X_TLS_HARD set
    Binding with user=uid=___,ou=People,dc=mydomain,dc=com password=___
    Bind failed: ldapauth returns FAIL

This is done with the documented ldapauth series:

    login:
      driver = plaintext
      public_name = LOGIN
      server_prompts = "Username:: : Password::"
      server_condition = ${if ldapauth \
        { user="uid=${quote_ldap:$1},ou=People,dc=mydomain,dc=com" \
        pass="$2" \
        ldaps://ldap.mydomain.com/}{yes}{no}}"
      server_set_id = uid=$1,ou=People,dc=mydomain,dc=com

I've tested this same auth against using ldapsearch using -ZZ to make sure it worked over TLS, and it succeeded. Also, the same thing worked, using ldap, versus ldaps. I just would prefer it over TLS for obvious security reasons.

Eric Renfro

tonni at billy Aug20,2002,11:15AM
Post #2 of 5
Re: LDAP over TLS failing to bind/lookup.

On Tue, 2002-08-20 at 13:03, Eric Renfro wrote:

> Initialized connection with LDAP server ldap.mydomain.com:636
> LDAP_OPT_X_TLS_HARD set
> Binding with user=uid=___,ou=People,dc=mydomain,dc=com password=___
> Bind failed: ldapauth returns FAIL

I have your problem too. ldaps was working perfectly with Exim 4.10 until yesterday, then a couple of jokers on the Openldap list had me change my working DNS FQDNs to what they considered was right for me. Which turned out later not to be so. That broke everything, but *everything*. All is working again, apart from Exim ldaps, which will work again but not today.

What I have discovered, though, is that Exim is extremely picky about the combination of host lookups (gethostbyname/number) and the certificate c