conflicts between slapd and nsswitch (SSL not working)
eikemeier at fillmore-labs.com
Tue Apr 27 13:20:08 UTC 2004
Francesco Gringoli wrote:
> Packages: openldap2(0,1)-server, nss-ldap
> Hi all,
> If slapd is configured to run as a user different than root (default
> and nsswitch is configured to search first in files and then in ldap and
> the ldap server specified for nsswitch is different then this,
> when slapd starts its SSL engine seems down:
> although slapd binds on port 636, traffic on this
> port is not SSL (try with openssl s_client and see
> that no certificate is returned during the handshake,
> really there is no handshake at all).
> Note: slapd start normally as the user specified in slapd.conf,
> it is possible to do search inside the ldap db,
> nss-ldap is ok and userid and gid are those defined in the ldap db,
> the SSL engine is off.
> Note: if the ldap server specified for nsswitch is the same a time-out
> occur, since the slapd calls getpwnam and the ldap module
> cannot obtain anything. In this case the SSL engine is OK.
What do you mean with `different' and `same' specified server?
Also, some more iforemation would be useful, like
ps auxwww | grep slapd
More information about the freebsd-ports-bugs