Bug 122129 - Can't authenticate via LDAP set up with authconfig (works with FC1)
Can't authenticate via LDAP set up with authconfig (works with FC1)
Status: CLOSED DUPLICATE of bug 123877
Product: Fedora
Classification: Fedora
Component: openldap (Show other bugs)
i686 Linux
medium Severity medium
: ---
: ---
Assigned To: Jay Fenlason
Depends On:
  Show dependency treegraph
Reported: 2004-04-30 14:12 EDT by John Imholz
Modified: 2014-08-31 19:26 EDT (History)
3 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2005-09-12 12:48:35 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description John Imholz 2004-04-30 14:12:01 EDT
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.4.1)

Description of problem:
With FC1, I can configure with 'authconfig' (Cache, LDAP, TLS) and
authentication works.  With FC2 test3 the ldap.conf looks good, but I
fail to authenticate.

/var/log/security says:  "pam_ldap: ldap_starttls_s: Connect error"

Version-Release number of selected component (if applicable):
openldap 2.1.29-1

How reproducible:

Steps to Reproduce:
1. Install FC2 test3
2. Authconfig (Cache, LDAP, LDAP Authentication, TLS, <server>, <dn>)

Actual Results:  nscd gets restarted,
can't login

Expected Results:  should be able to log in (works with FC1)

Additional info:
Comment 1 Elson, Del 2004-05-30 06:09:27 EDT
See bug 112262

The work-around on Fedora Core 2 release is to disable TLS in
Authconfig, and use kdm instead of gdm (which requires TLS for some
Comment 2 Chan Min Wai 2004-06-06 11:35:43 EDT
I don't have this problem in FC2t3 But I do have this problem in Fc2.

I'm thinking there seem to be a packages related to this have not been
Comment 3 Chan Min Wai 2004-06-06 12:15:52 EDT
From the Mailling list
Adding /etc/ldap.conf

tls_checkpeer no

Is the Solution.
Bug can close.
Comment 4 John Imholz 2004-06-08 08:32:57 EDT
The documentation in ldap.conf says that tls_checkpeer no is the default.

I'm a newbie, can someone tell me how this info will get back to the
ldap folks?
Comment 5 Matthew West 2004-06-12 23:17:43 EDT
This has been reported again as new bug # 123877.

To Nalin, or whoever packaged this: Please, please, please change the comments in the 
default configuration file if you change the source/build options! I wasted huge amounts 
of time because the comments still said that "tls_checkpeer no" was the default.
Comment 6 Howard Johnson 2004-11-30 11:58:57 EST
Just been bitten by this under FC3.

Could the ldap.conf comment be changed please? :-)
Comment 7 Richard Bullington-McGuire 2005-08-01 15:58:04 EDT
This also affects RHEL 4.
Comment 8 Tomas Mraz 2005-09-12 12:48:35 EDT

*** This bug has been marked as a duplicate of 123877 ***

Note You need to log in before you can comment on or make changes to this bug.