ouzmoutous

ssl ldap freeze

Jun 26th, 2013
  1. # grep -ir "ssf" /etc/openldap/
  2. /etc/openldap/slapd.d/cn=config.ldif:olcLocalSSF: 71
  3. /etc/openldap/slapd.d/cn=config/cn=schema.ldif:olcAttributeTypes: ( OLcfgGlAt:26 NAME 'olcLocalSSF' SYNTAX OMsInteger SINGLE-
  4. /etc/openldap/slapd.d/cn=config/cn=schema.ldif: peername, or ssf' EQUALITY caseIgnoreMatch SYNTAX OMsDirectoryString )
  5. /etc/openldap/slapd.d/cn=config/cn=schema.ldif: p $ olcIndexIntLen $ olcLocalSSF $ olcLogFile $ olcLogLevel $ olcPasswordCryp
  6. /etc/openldap/schema/ppolicy.schema:# successful authentication occurred.
  7. /etc/openldap/schema/ppolicy.schema:# counter is only reset by a successful authentication.
  8. /etc/openldap/ldap.conf:nss_map_attribute homeDirectory msSFU30HomeDirectory
  9.  
  10.  
  11. # grep -ir "tlscipher" /etc/openldap/
  12. /etc/openldap/slapd.d/cn=config/cn=schema.ldif:olcAttributeTypes: ( OLcfgGlAt:72 NAME 'olcTLSCipherSuite' SYNTAX OMsDirectory
  13. /etc/openldap/slapd.d/cn=config/cn=schema.ldif: teKeyFile $ olcTLSCipherSuite $ olcTLSCRLCheck $ olcTLSRandFile $ olcTLSVerif
  14.  
  15.  
  16. # ldd /usr/bin/ldapsearch
  17. linux-vdso.so.1 => (0x00007fff0571b000)
  18. libldap-2.4.so.2 => /lib64/libldap-2.4.so.2 (0x00000033b0200000)
  19. liblber-2.4.so.2 => /lib64/liblber-2.4.so.2 (0x00000033b0e00000)
  20. libsasl2.so.2 => /usr/lib64/libsasl2.so.2 (0x0000003296200000)
  21. libcrypt.so.1 => /lib64/libcrypt.so.1 (0x0000003291a00000)
  22. libresolv.so.2 => /lib64/libresolv.so.2 (0x0000003286e00000)
  23. libssl3.so => /usr/lib64/libssl3.so (0x0000003294a00000)
  24. libsmime3.so => /usr/lib64/libsmime3.so (0x00000033b0a00000)
  25. libnss3.so => /usr/lib64/libnss3.so (0x0000003292e00000)
  26. libnssutil3.so => /usr/lib64/libnssutil3.so (0x0000003293a00000)
  27. libplds4.so => /lib64/libplds4.so (0x0000003293200000)
  28. libplc4.so => /lib64/libplc4.so (0x0000003293600000)
  29. libnspr4.so => /lib64/libnspr4.so (0x0000003293e00000)
  30. libc.so.6 => /lib64/libc.so.6 (0x0000003284e00000)
  31. libdl.so.2 => /lib64/libdl.so.2 (0x0000003285600000)
  32. libfreebl3.so => /lib64/libfreebl3.so (0x0000003290600000)
  33. libpthread.so.0 => /lib64/libpthread.so.0 (0x0000003285a00000)
  34. libz.so.1 => /lib64/libz.so.1 (0x0000003285e00000)
  35. /lib64/ld-linux-x86-64.so.2 (0x0000003284a00000)
  36.  
  37.  
  38. # ldd /usr/sbin/slapd
  39. linux-vdso.so.1 => (0x00007fff45b18000)
  40. libltdl.so.7 => /usr/lib64/libltdl.so.7 (0x00007f72f5dc7000)
  41. libdb-4.7.so => /lib64/libdb-4.7.so (0x00007f72f5a53000)
  42. libsasl2.so.2 => /usr/lib64/libsasl2.so.2 (0x00007f72f5838000)
  43. libcrypt.so.1 => /lib64/libcrypt.so.1 (0x00007f72f5601000)
  44. libresolv.so.2 => /lib64/libresolv.so.2 (0x00007f72f53e7000)
  45. libssl3.so => /usr/lib64/libssl3.so (0x00007f72f51aa000)
  46. libsmime3.so => /usr/lib64/libsmime3.so (0x00007f72f4f7e000)
  47. libnss3.so => /usr/lib64/libnss3.so (0x00007f72f4c43000)
  48. libnssutil3.so => /usr/lib64/libnssutil3.so (0x00007f72f4a1c000)
  49. libplds4.so => /lib64/libplds4.so (0x00007f72f4818000)
  50. libplc4.so => /lib64/libplc4.so (0x00007f72f4613000)
  51. libnspr4.so => /lib64/libnspr4.so (0x00007f72f43d5000)
  52. libpthread.so.0 => /lib64/libpthread.so.0 (0x00007f72f41b8000)
  53. libwrap.so.0 => /lib64/libwrap.so.0 (0x00007f72f3fad000)
  54. libc.so.6 => /lib64/libc.so.6 (0x00007f72f3c1a000)
  55. libdl.so.2 => /lib64/libdl.so.2 (0x00007f72f3a16000)
  56. libfreebl3.so => /lib64/libfreebl3.so (0x00007f72f37b4000)
  57. libz.so.1 => /lib64/libz.so.1 (0x00007f72f359d000)
  58. /lib64/ld-linux-x86-64.so.2 (0x0000003284a00000)
  59. libnsl.so.1 => /lib64/libnsl.so.1 (0x00007f72f3384000)
  60.  
  61.  
  62.  
  63. # cat /etc/openldap/ldap.conf
  # Contents of /etc/openldap/ldap.conf as printed by the cat command above.
  # NOTE(review): the file mixes nss_ldap/pam_ldap-style keys (nss_*, bind_timelimit,
  # ssl) with libldap keys (URI, BASE, TLS_*); confirm which component reads each key.
  # Two base DNs appear in this file (this line and the upper-case BASE line near the
  # end) with different values; which one takes effect is parser-dependent, so keep one.
  64. base dc=my,dc=domain
  # NOTE(review): presumably seconds. If so, a stalled connection or TLS handshake could
  # block the caller for up to two minutes before it fails; verify against the consumer.
  65. timelimit 120
  66. bind_timelimit 120
  67. idle_timelimit 3600
  68. nss_base_passwd ou=comptes,dc=my,dc=domain
  69. nss_base_group ou=comptes,dc=my,dc=domain
  # Local/system accounts listed here are skipped for LDAP group lookups (nss_ldap option).
  70. nss_initgroups_ignoreusers root,ldap,named,avahi,haldaemon,dbus,radvd,tomcat,radiusd,news,mailman
  71. nss_map_objectclass posixAccount User
  72. nss_map_attribute homeDirectory msSFU30HomeDirectory
  73. nss_map_objectclass posixGroup Group
  74. scope sub
  75. suffix "dc=my,dc=domain"
  # The trailing '# I also tried "yes"' is the poster's note. ldap.conf(5) documents only
  # whole-line comments, so the remainder may be parsed as part of the value; put such
  # notes on their own line. `ssl no` also disagrees with the ldaps:// URI below, which
  # implies TLS from connection start.
  76. ssl no # I also tried "yes"
  77. URI ldaps://master:636
  # Second base DN; differs from the lower-case `base` at the top of the file.
  78. BASE dc=nomeris,dc=int
  # NOTE(review): the ldd output on this page links libssl3/libnss3 (Mozilla NSS), not
  # OpenSSL. With an NSS-based build this directory presumably may need to be an NSS
  # certificate database rather than hashed PEM files; verify that the issuing CA is
  # actually loadable from here.
  79. tls_cacertdir /etc/openldap/certs
  # `allow` lets the session continue when the server certificate is missing or fails
  # validation, so an impersonated server is not detected. Acceptable only while
  # debugging; switch back to `demand` (the libldap default) once CA trust works.
  80. TLS_REQCERT allow