Then you can configure it to use SSL through the NAM.CONF file. 1. Does anyone here know how to make this modification? Check TID3280667 - Troubleshooting Linux User Management or TID 7002981 Troubleshooting Linux User Management - Step by Step for additional assistance. This file is currently in beta as field test file ss1012.tgz. Issue 2: This is addressed in secupd7.tgz and higher as well as in the new NTLS contained within eDir8736.exe.
After the install, edit the /ETC/NAM.CONF file and modify/add the following entries.

type-of-authentication=2 (this entry should already be there set to 1)
certificate-file-type=der
ldap-ssl-port=636 (or your ssl port for your ldap server)
ldap-port=389 (or

This file indicates what certificate ldap will use for this connection.

Error stack: error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol

It doesn't seem to be the same -5875 error fixed in 220.127.116.11.

> At no point did we recreate our CA or any server certificate.
>
> The server name is MAIL-01.
Joe D. In cases of heavy ldap usage, it might be better to reboot the server after hours if possible rather than bouncing the nlms. 2. But for some reason, ldap did not trust the rootcert.der on this box.
It's a 'deny' filter for port 5190 for ALL sources & destinations. This connection between owcimom and ldap is also a secure https connection that, by default, uses the sys:public\rootcert.der certificate.

Configuring remote LDAP source for eGuide. This document (3005110) is provided subject to the disclaimer at the end of this document.

A: Try this TID: http://support.novell.com/cgi-bin/search/searchtid.cgi?/10093750.htm

Novell Cool Solutions (corporate web communities) are produced by WebWise Solutions.
I unloaded nldap and all the web services (which is supposed to temporarily resolve that listed issue) and services did not resume. Exported a new certificateDNS in ConsoleOne to the c: on the workstation.

Thread: LDAP -5875 SSL23_GET_CLIENT_HELLO:unknown protocol
As unloading and re-loading NLDAP hasn't resolved the issue, I would very much appreciate it if you can help in order to be able to start the iSCSI Target. Have to unload and reload NLDAP to resolve. We receive a -5875 in the DSTrace.

> Any suggestions would be appreciated.
>
> Regards,
>
> Aldo Zanoni
You can name the newly exported certificateDNS to any filename.der you want. For a production setup you would need an enable TLS option in the LDAP config screen that would set a variable and call the ldap_start_tls function in the /auth/ldap/auth.php file.

Document ID: 3646068. Creation Date: 06-DEC-06. Modified Date: 27-APR-12. Novell Open Enterprise Server.

Try doing a ID ADMIN (your install user); it should return uid=600(admin) gid=600(admingroup) groups=600(admingroup). Then try logging in as admin. If the install worked and you see the Unix Config / Unix Workstation
But that's OK, because they all know me here.

Error in Dstrace screen with +ldap flag: TLS accept failure 1 on connection 0x525b60e0, setting err = -5875.

NOTE: Novell recommends you only have ONE Unix Config object in your tree, as this traces UIDs and GIDs distributed to LUM enabled users and groups.
For no rhyme nor reason, two days ago, we started getting LDAP/SSL problems.

Getting "login failed" at the login page. dstrace ERROR: 08:50:10 966C2400 LDAP: (192.168.108.27:51691)(0x0000:0x00) TLS accept failure 5 on connection 0xa29f02a0, setting err = -5875.
This is just a quick dirty hack to make it work.

> Error stack:
> LDAP: [2005/11/23 10:53:57] (10.10.2.91:1944)(0x0000:0x00) TLS handshake failed on connection 0x53c7e00, err = -5875
> LDAP: [2005/11/23 10:53:57] Server closing connection 0x53c7e00, socket error = -5875

To do this you need to go to the LDAP Server object, Screen Options / LDAP Trace Options tab; in the Display Options box, check all options except for "Packet Dump

Verify that the Unix Config object context specified in the /etc/nam.conf (base context listed in nam.conf) is the same context you are specifying during the install (or with the -r).
We have confirmed the certificates are still valid, installed, etc.

Document ID: 3240408. Creation Date: 17-DEC-07. Modified Date: 27-APR-12. Novell NetWare.
> Error stack:
> LDAP: [2005/11/23 10:53:57] (10.10.2.91:1944)(0x0000:0x00) TLS handshake failed on connection 0x53c7e00, err = -5875
> LDAP: [2005/11/23 10:53:57] Server closing connection 0x53c7e00, socket error = -5875
> Error stack:
> error:14094412:SSL routines:SSL3_READ_BYTES:sslv3 alert bad certificate - SSL alert number 42
> LDAP: [2005/11/23 12:50:06] (10.10.2.91:3399)(0x0000:0x00) TLS handshake failed on connection 0x6560700, err = -5875
> LDAP:

Any suggestions would be appreciated.

> Error stack:
> error:14094412:SSL routines:SSL3_READ_BYTES:sslv3 alert bad certificate - SSL alert number 42
> LDAP: [2005/11/23 11:27:02] (10.10.2.20:14797)(0x0000:0x00) TLS handshake failed on connection 0x53c7e00, err = -5875
> LDAP:
The cimom client passes this certificate, specified in this file, to ldap when making the connection using port 636.

Netware 6.5 edir 18.104.22.168 Thanks, K

Environment: Novell Open Enterprise Server (OES) Support Pack 2 Linux; Novell Linux User Management (LUM)

Situation: Trying to install Linux User Management (LUM) through YAST on a OESSP2 server generates a unable
By importing the certificate using keytool, eGuide server can be trusted by the remote LDAP server. If these are different, then change the corresponding entry to match where you want the Unix Config object installed to. Check that in both LDAP server and group.
Then created a test directory on the server, sys:cert, and copied the new certificate in there.