
LDAP Auth Module and SSL

SOLVED
Martin Harte
Occasional Contributor

LDAP Auth Module and SSL

Hey,
Can anyone tell me the config option to enable this?

strings ldapcd
reveals plenty of SSL stuff so I know it is supported. Can't find anything on it in the documentation though :/

The LDAP module is from Internet Express 570.

Thanks!

Martin.
5 REPLIES
Ralf Puchner
Honored Contributor

Re: LDAP Auth Module and SSL

Due to the fact that the LDAP module is an open-source implementation, any howto on the internet will give you advice on how to set up SSL + LDAP:

eg. http://www.openldap.org/pub/ksoper/OpenLDAP_TLS_howto.html
Help() { FirstReadManual(urgently); Go_to_it;; }
Martin Harte
Occasional Contributor

Re: LDAP Auth Module and SSL

OpenLDAP is the LDAP server. The document you referred me to deals with configuring SSL on the server side.

I'm interested in the authentication module. This allows users to authenticate against the directory server to log on to the machine.
Two very different things.

Tru64 provide this module with their Internet Express kit as mentioned above, but the documentation of the SSL features is non-existent.

Unfortunately the only opensource LDAP module (PADL) is PAM based.


Thanks,

Martin.

Ann Majeske
Honored Contributor
Solution

Re: LDAP Auth Module and SSL

I figured it would be useful to get the answer from the source, so I asked the ldap developers. The answer is that we currently don't support using our LDAP Authentication Module with ssl.

Sorry,

Ann
Michael Grubb
Occasional Visitor

Re: LDAP Auth Module and SSL

The auth module may not natively support SSL, but you can still get this functionality using tunnels. The stunnel program (http://stunnel.org) is a daemon that provides both client and server type tunnels. So you would set up stunnel to listen for connections from the localhost on the proper port and give it the proper certificates and hostname/port for your directory. Then in the /etc/ldapcd.conf file, instead of specifying your real directory server, you specify the localhost/port. Then when the auth module attempts to connect to the local port, stunnel will forward the request over an SSL connection to the actual directory server.
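
The tunnel described in the post above, sketched as an stunnel client-mode configuration (an added example, not part of the original post and not taken from the Internet Express kit). The host name, the local port 3890 and the CA file path are placeholders; `verifyChain` and `checkHost` are options of current stunnel 5.x releases, and older releases use `verify = 2` together with `CAfile` instead.

```ini
; stunnel.conf: client-side tunnel for an LDAP client that cannot speak SSL.
; Constructed example: host names, ports and paths are placeholders.

[ldaps-tunnel]
; Client mode: accept cleartext locally, speak SSL/TLS to the remote side.
client = yes

; Bind to loopback only, so the unencrypted leg (including bind passwords)
; never leaves this host and other machines cannot use the tunnel.
accept = 127.0.0.1:3890

; The real directory server, on its LDAP-over-SSL port.
connect = ldap.example.com:636

; Verify the directory server's certificate against the issuing CA and
; check that it was issued for the host being connected to. Without these
; settings the tunnel encrypts traffic but accepts any certificate.
CAfile = /etc/stunnel/ldap-ca.pem
verifyChain = yes
checkHost = ldap.example.com
```

With this running, the directory server entry in /etc/ldapcd.conf points at 127.0.0.1 and the local port instead of the real server. Any local user can connect to the loopback listener, so the tunnel does not replace access control on the directory itself.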
Stefano_36
Frequent Advisor

Re: LDAP Auth Module and SSL

This is for Ann.
Can you please confirm that as of today I can't use the OpenLDAP client under Tru64 with SSL?
Must I use stunnel to use port 636?

Thanks
Stefano