OpenLDAP and autofs

Common Errors

When restarting autofs:

# /var/log/messages on client
Nov  1 12:50:25 secondary automount[26346]: init_ldap_connection: lookup(ldap): TLS required but START_TLS failed: Operations error
Nov  1 12:50:25 secondary automount[26346]: init_ldap_connection: lookup(ldap): TLS required but START_TLS failed: Operations error
Nov  1 12:50:25 secondary automount[26346]: lookup_init: lookup(ldap): cannot connect to server
# /var/log/messages on openldap server
Nov  1 12:53:15 primary slapd[4675]: conn=67 fd=31 ACCEPT from IP=192.168.1.20:45579 (IP=0.0.0.0:636)
Nov  1 12:53:15 primary slapd[4675]: conn=67 fd=31 TLS established tls_ssf=256 ssf=256
Nov  1 12:53:15 primary slapd[4675]: conn=67 op=0 STARTTLS
Nov  1 12:53:15 primary slapd[4675]: conn=67 op=0 RESULT oid= err=1 text=TLS already started
Nov  1 12:53:15 primary slapd[4675]: conn=67 op=1 UNBIND
Nov  1 12:53:15 primary slapd[4675]: conn=67 fd=31 closed
Nov  1 12:53:15 primary slapd[4675]: conn=68 fd=31 ACCEPT from IP=192.168.1.20:45580 (IP=0.0.0.0:636)
Nov  1 12:53:15 primary slapd[4675]: conn=68 fd=31 TLS established tls_ssf=256 ssf=256
Nov  1 12:53:15 primary slapd[4675]: conn=68 op=0 STARTTLS
Nov  1 12:53:15 primary slapd[4675]: conn=68 op=0 RESULT oid= err=1 text=TLS already started
Nov  1 12:53:15 primary slapd[4675]: conn=68 op=1 UNBIND
Nov  1 12:53:15 primary slapd[4675]: conn=68 fd=31 closed

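The first message above, "TLS required but START_TLS failed:", was resolved by removing ldaps from the /etc/openldap/ldap.conf file. The server log shows the conflict: the client connected to the ldaps listener on port 636, where TLS was already established, and then issued STARTTLS, which slapd rejected with "TLS already started". It seems that autofs is using this file for its configuration rather than the system /etc/ldap.conf that I would expect it to use.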
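
The server-side symptom above (a connection that is already inside TLS and then sends STARTTLS, answered with a non-zero err) can be picked out of a slapd log automatically. This is an added example, not part of the original notes; the function name `find_double_tls` and the port 389 connection in the sample are constructed for illustration.

```python
import re

# Constructed sample in the slapd syslog format shown above: conn=67 repeats the
# failure from these notes, conn=70 is a made-up healthy STARTTLS on port 389.
SAMPLE = """\
Nov  1 12:53:15 primary slapd[4675]: conn=67 fd=31 ACCEPT from IP=192.168.1.20:45579 (IP=0.0.0.0:636)
Nov  1 12:53:15 primary slapd[4675]: conn=67 fd=31 TLS established tls_ssf=256 ssf=256
Nov  1 12:53:15 primary slapd[4675]: conn=67 op=0 STARTTLS
Nov  1 12:53:15 primary slapd[4675]: conn=67 op=0 RESULT oid= err=1 text=TLS already started
Nov  1 12:53:15 primary slapd[4675]: conn=67 op=1 UNBIND
Nov  1 12:54:02 primary slapd[4675]: conn=70 fd=32 ACCEPT from IP=192.168.1.21:50112 (IP=0.0.0.0:389)
Nov  1 12:54:02 primary slapd[4675]: conn=70 op=0 STARTTLS
Nov  1 12:54:02 primary slapd[4675]: conn=70 op=0 RESULT oid= err=0 text=
Nov  1 12:54:02 primary slapd[4675]: conn=70 fd=32 TLS established tls_ssf=256 ssf=256
"""

ACCEPT = re.compile(r"conn=(\d+) fd=\d+ ACCEPT from IP=([\d.]+):\d+ \(IP=[\d.]+:(\d+)\)")
TLS_UP = re.compile(r"conn=(\d+) fd=\d+ TLS established")
STARTTLS = re.compile(r"conn=(\d+) op=(\d+) STARTTLS")
RESULT = re.compile(r"conn=(\d+) op=(\d+) RESULT oid=\S* err=(\d+) text=(.*)")

def find_double_tls(lines):
    """Return one finding per STARTTLS that was sent on an already-encrypted
    connection and rejected by slapd (the ldaps:// plus STARTTLS conflict)."""
    conns, findings = {}, []
    for line in lines:
        if m := ACCEPT.search(line):
            # New connection: remember the client and the listener port it hit.
            conns[m[1]] = {"client": m[2], "port": int(m[3]), "tls": False, "pending": set()}
        elif m := TLS_UP.search(line):
            conns.setdefault(m[1], {"client": None, "port": None, "tls": False,
                                    "pending": set()})["tls"] = True
        elif m := STARTTLS.search(line):
            c = conns.get(m[1])
            if c and c["tls"]:          # STARTTLS requested inside an existing TLS session
                c["pending"].add(m[2])
        elif m := RESULT.search(line):
            c = conns.get(m[1])
            if c and m[2] in c["pending"] and m[3] != "0":
                findings.append({"conn": m[1], "client": c["client"],
                                 "port": c["port"], "text": m[4].strip()})
    return findings

if __name__ == "__main__":
    for f in find_double_tls(SAMPLE.splitlines()):
        print(f"conn={f['conn']} client={f['client']} listener={f['port']}: {f['text']}")
```

A hit on the 636 listener points at a client that combines an ldaps URI with a TLS-required STARTTLS setting, which is the configuration corrected above.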
