Well, I've tried changing that setting, and still get the same error message. I'm pretty sure this is a certificate issue, just don't know how it's resolved.
The NetWare server has a certificate that's issued from eDirectory. I see lots of stuff about putting the certs in the /ect/pki directory on Red Hat, but nothing about where they should go on Suse Linux, and what configuration files need to be modified to make them recognized.
I've been able to successfully LDAP to the NetWare server using another LDAP utility, and it prompts me to accept the certificate, this is why I'm pretty sure it's a cert problem.
At this point, I'm stumped.
If any of you know of anyone that is successfully using a similar setup, running MW on a Linux box authenticating to an eDirectory system, I'd sure appreciate any insight.
On Tue, Sep 22, 2009 at 5:25 PM, Lane, Ryan Ryan.Lane@ocean.navo.navy.milwrote:
I'll hit up on the FQDN issue. I don't think though, that the LDAP server has a DNS entry. I'm assuming that if they don't, I can do it with a host entry.
On your second correction, the corrected version is what I had at one time, I dropped it attempting things.
However, I think your last recommendation is the correct one. I had pretty much decided that it was a cert issue, but couldn't get the exact information on what I needed to do to correct it. Your blog looks like it had it all along. Will try that this evening or tomorrow, and see what I get.
If your server doesn't have a DNS entry, then it probably has a self-signed certificate too. If this is the case, you'll have to put the following into your ldap.conf:
TLS_REQCERT never
V/r,
Ryan Lane
MediaWiki-l mailing list MediaWiki-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/mediawiki-l