Tuesday, June 13, 2017

[389-users] Re: Issues enabling SSL/TLS for config DS

There were a couple of differences in the dse.ldif: hostname checking was on and the cipher list was more restrictive. I've updated via ldapmodify and restarted the DS, which caused the changes to be reflected in dse.ldif. No change to behaviour though.

This is the working adm.conf:

userdn: uid=admin,ou=Administrators,ou=TopologyManagement,o=NetscapeRoot
sysuser: dirsrv
sysgroup: dirsrv
SuiteSpotUserID: dirsrv
SuiteSpotGroup: dirsrv
sie: cn=admin-serv-ldap,cn=389 Administration Server,cn=Server Group,cn=ldap.example.com,ou=example.com,o=NetscapeRoot
securitydir: /etc/dirsrv/admin-serv
ldapurl: ldap://ldap.exmaple.com:389/o=NetscapeRoot
ldapStart: /usr/sbin/start-dirsrv ldap
isie: cn=389 Administration Server,cn=Server Group,cn=ldap.example.com,ou=example.com,o=NetscapeRoot
AdminDomain: example.com

The only difference when it fails is that the ldapurl becomes:

ldapurl: ldaps://ldap.exmaple.com:636/o=NetscapeRoot
_______________________________________________
389-users mailing list -- 389-users@lists.fedoraproject.org
To unsubscribe send an email to 389-users-leave@lists.fedoraproject.org
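
When hostname checking is on, the host in an ldaps:// URL is the name the server certificate gets verified against, so it is worth checking that adm.conf's ldapurl agrees with the rest of the file before looking at certificates or ciphers. The following is an added example, not part of the original message or of 389 Directory Server; the function names are hypothetical, and it assumes the RDN after `cn=Server Group` in `sie` holds the registered host name.

```python
from urllib.parse import urlsplit

# Constructed sample: the failing adm.conf variant from the post, trimmed to the keys used here.
SAMPLE_ADM_CONF = """\
sie: cn=admin-serv-ldap,cn=389 Administration Server,cn=Server Group,cn=ldap.example.com,ou=example.com,o=NetscapeRoot
securitydir: /etc/dirsrv/admin-serv
ldapurl: ldaps://ldap.exmaple.com:636/o=NetscapeRoot
"""

DEFAULT_PORTS = {"ldap": 389, "ldaps": 636}

def parse_adm_conf(text):
    """Return adm.conf 'key: value' lines as a dict (keys lower-cased)."""
    conf = {}
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        if sep and key.strip():
            conf[key.strip().lower()] = value.strip()
    return conf

def host_from_sie(sie_dn):
    """Assumption: the RDN after 'cn=Server Group' holds the registered host name."""
    rdns = [r.strip() for r in sie_dn.split(",")]
    for i, rdn in enumerate(rdns[:-1]):
        if rdn.lower() == "cn=server group":
            attr, _, value = rdns[i + 1].partition("=")
            return value.lower() if attr.lower() == "cn" else None
    return None

def check_ldapurl(conf):
    """Return a list of consistency findings for the ldapurl entry."""
    findings = []
    url = urlsplit(conf.get("ldapurl", ""))
    scheme = url.scheme
    if scheme not in DEFAULT_PORTS:
        return [f"unsupported or missing ldapurl scheme: {scheme!r}"]
    port = url.port or DEFAULT_PORTS[scheme]
    if port != DEFAULT_PORTS[scheme]:
        findings.append(f"{scheme}:// with non-default port {port}; confirm the listener")
    sie_host = host_from_sie(conf.get("sie", ""))
    if sie_host and url.hostname and url.hostname != sie_host:
        findings.append(f"ldapurl host {url.hostname} != sie host {sie_host}")
    if scheme == "ldaps" and not conf.get("securitydir"):
        findings.append("ldaps:// set but no securitydir for the certificate database")
    return findings
```

An empty list from `check_ldapurl(parse_adm_conf(text))` means the URL scheme, port and host are consistent with the rest of the file; it says nothing about whether the CA certificate is trusted in the securitydir database.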
