You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@manifoldcf.apache.org by "Naveen.A.N" <an...@searchblox.com> on 2015/09/23 04:27:22 UTC
Require signature with LDAP
Hi,
When i try to connect an LDAP server it gives me this error
*Threw exception: 'Naming error: [LDAP: error code 8 - 00002028: LdapErr:
DSID-0C090202, comment: The server requires binds to turn on integrity
checking if SSL\TLS are not already active on the connection, data 0,
v2580�]'*
When i try to use the ldp.exe and try everything was working fine. I found
that if a server uses Required signature in LDAP server it cause this
issue. Is there any way to fix this?
Is there a way to query the secured port?
--
Thanks and Regards,
Naveen A.N
Re: Require signature with LDAP
Posted by Karl Wright <da...@gmail.com>.
Hi Naveen,
I've created a branch, branches/CONNECTORS-1244, that has a significantly
modified LDAP authority in it.
This LDAP authority supports four different protocols: plain LDAP, LDAP
with ssl, LDAP with tls, and LDAP with both ssl and tls. Please check out
the branch and exercise it in your environment. If you use any of the new
protocols, you will also need to add appropriate x509 certificates to the
connection's trust store in order for them to not fail.
I'd like to integrate this back to trunk as soon as possible, so please let
me know how things are going, and also which protocol you wound up using.
Thanks,
Karl
On Wed, Sep 23, 2015 at 10:04 AM, Naveen.A.N <an...@searchblox.com> wrote:
> Okay, Lets try if it works it will be good :)
>
> On Wed, Sep 23, 2015 at 7:02 PM, Karl Wright <da...@gmail.com> wrote:
>
> > The SSL connection ability of Java's LDAP library is, sadly, rather
> > limited. I will only be able to implement a "trust everything" version
> of
> > SSL because of its technical limitations. That means that we basically
> > don't check for certificate validity in the LDAP connector, and assume
> all
> > certs are OK.
> >
> > For a client, that's usually fine, but I wanted to mention it in case
> that
> > was a blocker.
> >
> > Karl
> >
> >
> > On Wed, Sep 23, 2015 at 9:17 AM, Naveen.A.N <an...@searchblox.com>
> > wrote:
> >
> > > Hi Karl,
> > >
> > > I am not sure I can work on it now. I will make some test by end of
> this
> > > week and let you know.
> > >
> > > On Wed, Sep 23, 2015 at 4:08 PM, Karl Wright <da...@gmail.com>
> wrote:
> > >
> > > > It looks like this is what we'll need to do to allow for SSL
> > connections
> > > to
> > > > LDAP:
> > > >
> > > > http://docs.oracle.com/javase/jndi/tutorial/ldap/security/ssl.html
> > > >
> > > > Note that in MCF we do not permit the use of the default keystore, so
> > > we'd
> > > > have to override the socket as well with a custom keystore. This
> > > requires
> > > > a connection keystore, plus UI additions to support adding
> certificates
> > > to
> > > > the connection keystore. CONNECTORS-1244.
> > > >
> > > > I'm happy to work on this but I probably won't get very far until the
> > > > weekend.
> > > >
> > > > In the meantime, it would be great if you could confirm that you
> could
> > > > connect to your LDAP using the LDAP connector modified to specify an
> > SSL
> > > > connection, with appropriate certificates added to the default Java
> > > > keystore.
> > > >
> > > > Thanks,
> > > > Karl
> > > >
> > > >
> > > > On Wed, Sep 23, 2015 at 6:24 AM, Karl Wright <da...@gmail.com>
> > wrote:
> > > >
> > > > > I'm afraid all that the LDAP connector does is use the provided
> Java
> > > LDAP
> > > > > library to connect to LDAP. You'll have to play around with it
> until
> > > you
> > > > > can get it to work. Once you figure it out, I'd be happy to change
> > > > > whatever code is needed to help it work in your environment.
> > > > >
> > > > > I'd consider figuring out first of all how to turn on SSL/TLS,
> since
> > > that
> > > > > sounds like it could be the problem.
> > > > >
> > > > > Thanks,
> > > > > Karl
> > > > >
> > > > >
> > > > > On Wed, Sep 23, 2015 at 2:51 AM, Naveen.A.N <
> anaveen@searchblox.com>
> > > > > wrote:
> > > > >
> > > > >> Hi Karl,
> > > > >>
> > > > >> Yes I am using LDAP Authority Connection .
> > > > >> if I specify the port 636 it fails with Threw exception: 'Naming
> > > error:
> > > > >> domainname:636; socket closed'.
> > > > >>
> > > > >> On Wed, Sep 23, 2015 at 11:26 AM, Karl Wright <daddywri@gmail.com
> >
> > > > wrote:
> > > > >>
> > > > >> > Hi Naveen,
> > > > >> >
> > > > >> > Can you back up a bit, and start with what connector you are
> > using?
> > > > Is
> > > > >> > this the LDAP authority? If so, you can specify the port.
> > > > >> >
> > > > >> > Karl
> > > > >> >
> > > > >> >
> > > > >> > On Tue, Sep 22, 2015 at 10:27 PM, Naveen.A.N <
> > > anaveen@searchblox.com>
> > > > >> > wrote:
> > > > >> >
> > > > >> > > Hi,
> > > > >> > >
> > > > >> > > When i try to connect an LDAP server it gives me this error
> > > > >> > >
> > > > >> > > *Threw exception: 'Naming error: [LDAP: error code 8 -
> 00002028:
> > > > >> LdapErr:
> > > > >> > > DSID-0C090202, comment: The server requires binds to turn on
> > > > integrity
> > > > >> > > checking if SSL\TLS are not already active on the connection,
> > data
> > > > 0,
> > > > >> > > v2580�]'*
> > > > >> > >
> > > > >> > > When i try to use the ldp.exe and try everything was working
> > > fine. I
> > > > >> > found
> > > > >> > > that if a server uses Required signature in LDAP server it
> cause
> > > > this
> > > > >> > > issue. Is there any way to fix this?
> > > > >> > >
> > > > >> > > Is there a way to query the secured port?
> > > > >> > > --
> > > > >> > > Thanks and Regards,
> > > > >> > > Naveen A.N
> > > > >> > >
> > > > >> >
> > > > >>
> > > > >>
> > > > >>
> > > > >> --
> > > > >> Thanks and Regards,
> > > > >> Naveen A.N
> > > > >> Lead Software Developer
> > > > >> SearchBlox Software, Inc.
> > > > >> www.searchblox.com
> > > > >> Ph: +91 9445389179
> > > > >>
> > > > >
> > > > >
> > > >
> > >
> > >
> > >
> > > --
> > > Thanks and Regards,
> > > Naveen A.N
> > > Lead Software Developer
> > > SearchBlox Software, Inc.
> > > www.searchblox.com
> > > Ph: +91 9445389179
> > >
> >
>
>
>
> --
> Thanks and Regards,
> Naveen A.N
> Lead Software Developer
> SearchBlox Software, Inc.
> www.searchblox.com
> Ph: +91 9445389179
>
Re: Require signature with LDAP
Posted by "Naveen.A.N" <an...@searchblox.com>.
Okay, Lets try if it works it will be good :)
On Wed, Sep 23, 2015 at 7:02 PM, Karl Wright <da...@gmail.com> wrote:
> The SSL connection ability of Java's LDAP library is, sadly, rather
> limited. I will only be able to implement a "trust everything" version of
> SSL because of its technical limitations. That means that we basically
> don't check for certificate validity in the LDAP connector, and assume all
> certs are OK.
>
> For a client, that's usually fine, but I wanted to mention it in case that
> was a blocker.
>
> Karl
>
>
> On Wed, Sep 23, 2015 at 9:17 AM, Naveen.A.N <an...@searchblox.com>
> wrote:
>
> > Hi Karl,
> >
> > I am not sure I can work on it now. I will make some test by end of this
> > week and let you know.
> >
> > On Wed, Sep 23, 2015 at 4:08 PM, Karl Wright <da...@gmail.com> wrote:
> >
> > > It looks like this is what we'll need to do to allow for SSL
> connections
> > to
> > > LDAP:
> > >
> > > http://docs.oracle.com/javase/jndi/tutorial/ldap/security/ssl.html
> > >
> > > Note that in MCF we do not permit the use of the default keystore, so
> > we'd
> > > have to override the socket as well with a custom keystore. This
> > requires
> > > a connection keystore, plus UI additions to support adding certificates
> > to
> > > the connection keystore. CONNECTORS-1244.
> > >
> > > I'm happy to work on this but I probably won't get very far until the
> > > weekend.
> > >
> > > In the meantime, it would be great if you could confirm that you could
> > > connect to your LDAP using the LDAP connector modified to specify an
> SSL
> > > connection, with appropriate certificates added to the default Java
> > > keystore.
> > >
> > > Thanks,
> > > Karl
> > >
> > >
> > > On Wed, Sep 23, 2015 at 6:24 AM, Karl Wright <da...@gmail.com>
> wrote:
> > >
> > > > I'm afraid all that the LDAP connector does is use the provided Java
> > LDAP
> > > > library to connect to LDAP. You'll have to play around with it until
> > you
> > > > can get it to work. Once you figure it out, I'd be happy to change
> > > > whatever code is needed to help it work in your environment.
> > > >
> > > > I'd consider figuring out first of all how to turn on SSL/TLS, since
> > that
> > > > sounds like it could be the problem.
> > > >
> > > > Thanks,
> > > > Karl
> > > >
> > > >
> > > > On Wed, Sep 23, 2015 at 2:51 AM, Naveen.A.N <an...@searchblox.com>
> > > > wrote:
> > > >
> > > >> Hi Karl,
> > > >>
> > > >> Yes I am using LDAP Authority Connection .
> > > >> if I specify the port 636 it fails with Threw exception: 'Naming
> > error:
> > > >> domainname:636; socket closed'.
> > > >>
> > > >> On Wed, Sep 23, 2015 at 11:26 AM, Karl Wright <da...@gmail.com>
> > > wrote:
> > > >>
> > > >> > Hi Naveen,
> > > >> >
> > > >> > Can you back up a bit, and start with what connector you are
> using?
> > > Is
> > > >> > this the LDAP authority? If so, you can specify the port.
> > > >> >
> > > >> > Karl
> > > >> >
> > > >> >
> > > >> > On Tue, Sep 22, 2015 at 10:27 PM, Naveen.A.N <
> > anaveen@searchblox.com>
> > > >> > wrote:
> > > >> >
> > > >> > > Hi,
> > > >> > >
> > > >> > > When i try to connect an LDAP server it gives me this error
> > > >> > >
> > > >> > > *Threw exception: 'Naming error: [LDAP: error code 8 - 00002028:
> > > >> LdapErr:
> > > >> > > DSID-0C090202, comment: The server requires binds to turn on
> > > integrity
> > > >> > > checking if SSL\TLS are not already active on the connection,
> data
> > > 0,
> > > >> > > v2580�]'*
> > > >> > >
> > > >> > > When i try to use the ldp.exe and try everything was working
> > fine. I
> > > >> > found
> > > >> > > that if a server uses Required signature in LDAP server it cause
> > > this
> > > >> > > issue. Is there any way to fix this?
> > > >> > >
> > > >> > > Is there a way to query the secured port?
> > > >> > > --
> > > >> > > Thanks and Regards,
> > > >> > > Naveen A.N
> > > >> > >
> > > >> >
> > > >>
> > > >>
> > > >>
> > > >> --
> > > >> Thanks and Regards,
> > > >> Naveen A.N
> > > >> Lead Software Developer
> > > >> SearchBlox Software, Inc.
> > > >> www.searchblox.com
> > > >> Ph: +91 9445389179
> > > >>
> > > >
> > > >
> > >
> >
> >
> >
> > --
> > Thanks and Regards,
> > Naveen A.N
> > Lead Software Developer
> > SearchBlox Software, Inc.
> > www.searchblox.com
> > Ph: +91 9445389179
> >
>
--
Thanks and Regards,
Naveen A.N
Lead Software Developer
SearchBlox Software, Inc.
www.searchblox.com
Ph: +91 9445389179
Re: Require signature with LDAP
Posted by Karl Wright <da...@gmail.com>.
The SSL connection ability of Java's LDAP library is, sadly, rather
limited. I will only be able to implement a "trust everything" version of
SSL because of its technical limitations. That means that we basically
don't check for certificate validity in the LDAP connector, and assume all
certs are OK.
For a client, that's usually fine, but I wanted to mention it in case that
was a blocker.
Karl
On Wed, Sep 23, 2015 at 9:17 AM, Naveen.A.N <an...@searchblox.com> wrote:
> Hi Karl,
>
> I am not sure I can work on it now. I will make some test by end of this
> week and let you know.
>
> On Wed, Sep 23, 2015 at 4:08 PM, Karl Wright <da...@gmail.com> wrote:
>
> > It looks like this is what we'll need to do to allow for SSL connections
> to
> > LDAP:
> >
> > http://docs.oracle.com/javase/jndi/tutorial/ldap/security/ssl.html
> >
> > Note that in MCF we do not permit the use of the default keystore, so
> we'd
> > have to override the socket as well with a custom keystore. This
> requires
> > a connection keystore, plus UI additions to support adding certificates
> to
> > the connection keystore. CONNECTORS-1244.
> >
> > I'm happy to work on this but I probably won't get very far until the
> > weekend.
> >
> > In the meantime, it would be great if you could confirm that you could
> > connect to your LDAP using the LDAP connector modified to specify an SSL
> > connection, with appropriate certificates added to the default Java
> > keystore.
> >
> > Thanks,
> > Karl
> >
> >
> > On Wed, Sep 23, 2015 at 6:24 AM, Karl Wright <da...@gmail.com> wrote:
> >
> > > I'm afraid all that the LDAP connector does is use the provided Java
> LDAP
> > > library to connect to LDAP. You'll have to play around with it until
> you
> > > can get it to work. Once you figure it out, I'd be happy to change
> > > whatever code is needed to help it work in your environment.
> > >
> > > I'd consider figuring out first of all how to turn on SSL/TLS, since
> that
> > > sounds like it could be the problem.
> > >
> > > Thanks,
> > > Karl
> > >
> > >
> > > On Wed, Sep 23, 2015 at 2:51 AM, Naveen.A.N <an...@searchblox.com>
> > > wrote:
> > >
> > >> Hi Karl,
> > >>
> > >> Yes I am using LDAP Authority Connection .
> > >> if I specify the port 636 it fails with Threw exception: 'Naming
> error:
> > >> domainname:636; socket closed'.
> > >>
> > >> On Wed, Sep 23, 2015 at 11:26 AM, Karl Wright <da...@gmail.com>
> > wrote:
> > >>
> > >> > Hi Naveen,
> > >> >
> > >> > Can you back up a bit, and start with what connector you are using?
> > Is
> > >> > this the LDAP authority? If so, you can specify the port.
> > >> >
> > >> > Karl
> > >> >
> > >> >
> > >> > On Tue, Sep 22, 2015 at 10:27 PM, Naveen.A.N <
> anaveen@searchblox.com>
> > >> > wrote:
> > >> >
> > >> > > Hi,
> > >> > >
> > >> > > When i try to connect an LDAP server it gives me this error
> > >> > >
> > >> > > *Threw exception: 'Naming error: [LDAP: error code 8 - 00002028:
> > >> LdapErr:
> > >> > > DSID-0C090202, comment: The server requires binds to turn on
> > integrity
> > >> > > checking if SSL\TLS are not already active on the connection, data
> > 0,
> > >> > > v2580�]'*
> > >> > >
> > >> > > When i try to use the ldp.exe and try everything was working
> fine. I
> > >> > found
> > >> > > that if a server uses Required signature in LDAP server it cause
> > this
> > >> > > issue. Is there any way to fix this?
> > >> > >
> > >> > > Is there a way to query the secured port?
> > >> > > --
> > >> > > Thanks and Regards,
> > >> > > Naveen A.N
> > >> > >
> > >> >
> > >>
> > >>
> > >>
> > >> --
> > >> Thanks and Regards,
> > >> Naveen A.N
> > >> Lead Software Developer
> > >> SearchBlox Software, Inc.
> > >> www.searchblox.com
> > >> Ph: +91 9445389179
> > >>
> > >
> > >
> >
>
>
>
> --
> Thanks and Regards,
> Naveen A.N
> Lead Software Developer
> SearchBlox Software, Inc.
> www.searchblox.com
> Ph: +91 9445389179
>
Re: Require signature with LDAP
Posted by "Naveen.A.N" <an...@searchblox.com>.
Hi Karl,
I am not sure I can work on it now. I will make some test by end of this
week and let you know.
On Wed, Sep 23, 2015 at 4:08 PM, Karl Wright <da...@gmail.com> wrote:
> It looks like this is what we'll need to do to allow for SSL connections to
> LDAP:
>
> http://docs.oracle.com/javase/jndi/tutorial/ldap/security/ssl.html
>
> Note that in MCF we do not permit the use of the default keystore, so we'd
> have to override the socket as well with a custom keystore. This requires
> a connection keystore, plus UI additions to support adding certificates to
> the connection keystore. CONNECTORS-1244.
>
> I'm happy to work on this but I probably won't get very far until the
> weekend.
>
> In the meantime, it would be great if you could confirm that you could
> connect to your LDAP using the LDAP connector modified to specify an SSL
> connection, with appropriate certificates added to the default Java
> keystore.
>
> Thanks,
> Karl
>
>
> On Wed, Sep 23, 2015 at 6:24 AM, Karl Wright <da...@gmail.com> wrote:
>
> > I'm afraid all that the LDAP connector does is use the provided Java LDAP
> > library to connect to LDAP. You'll have to play around with it until you
> > can get it to work. Once you figure it out, I'd be happy to change
> > whatever code is needed to help it work in your environment.
> >
> > I'd consider figuring out first of all how to turn on SSL/TLS, since that
> > sounds like it could be the problem.
> >
> > Thanks,
> > Karl
> >
> >
> > On Wed, Sep 23, 2015 at 2:51 AM, Naveen.A.N <an...@searchblox.com>
> > wrote:
> >
> >> Hi Karl,
> >>
> >> Yes I am using LDAP Authority Connection .
> >> if I specify the port 636 it fails with Threw exception: 'Naming error:
> >> domainname:636; socket closed'.
> >>
> >> On Wed, Sep 23, 2015 at 11:26 AM, Karl Wright <da...@gmail.com>
> wrote:
> >>
> >> > Hi Naveen,
> >> >
> >> > Can you back up a bit, and start with what connector you are using?
> Is
> >> > this the LDAP authority? If so, you can specify the port.
> >> >
> >> > Karl
> >> >
> >> >
> >> > On Tue, Sep 22, 2015 at 10:27 PM, Naveen.A.N <an...@searchblox.com>
> >> > wrote:
> >> >
> >> > > Hi,
> >> > >
> >> > > When i try to connect an LDAP server it gives me this error
> >> > >
> >> > > *Threw exception: 'Naming error: [LDAP: error code 8 - 00002028:
> >> LdapErr:
> >> > > DSID-0C090202, comment: The server requires binds to turn on
> integrity
> >> > > checking if SSL\TLS are not already active on the connection, data
> 0,
> >> > > v2580�]'*
> >> > >
> >> > > When i try to use the ldp.exe and try everything was working fine. I
> >> > found
> >> > > that if a server uses Required signature in LDAP server it cause
> this
> >> > > issue. Is there any way to fix this?
> >> > >
> >> > > Is there a way to query the secured port?
> >> > > --
> >> > > Thanks and Regards,
> >> > > Naveen A.N
> >> > >
> >> >
> >>
> >>
> >>
> >> --
> >> Thanks and Regards,
> >> Naveen A.N
> >> Lead Software Developer
> >> SearchBlox Software, Inc.
> >> www.searchblox.com
> >> Ph: +91 9445389179
> >>
> >
> >
>
--
Thanks and Regards,
Naveen A.N
Lead Software Developer
SearchBlox Software, Inc.
www.searchblox.com
Ph: +91 9445389179
Re: Require signature with LDAP
Posted by Karl Wright <da...@gmail.com>.
It looks like this is what we'll need to do to allow for SSL connections to
LDAP:
http://docs.oracle.com/javase/jndi/tutorial/ldap/security/ssl.html
Note that in MCF we do not permit the use of the default keystore, so we'd
have to override the socket as well with a custom keystore. This requires
a connection keystore, plus UI additions to support adding certificates to
the connection keystore. CONNECTORS-1244.
I'm happy to work on this but I probably won't get very far until the
weekend.
In the meantime, it would be great if you could confirm that you could
connect to your LDAP using the LDAP connector modified to specify an SSL
connection, with appropriate certificates added to the default Java
keystore.
Thanks,
Karl
On Wed, Sep 23, 2015 at 6:24 AM, Karl Wright <da...@gmail.com> wrote:
> I'm afraid all that the LDAP connector does is use the provided Java LDAP
> library to connect to LDAP. You'll have to play around with it until you
> can get it to work. Once you figure it out, I'd be happy to change
> whatever code is needed to help it work in your environment.
>
> I'd consider figuring out first of all how to turn on SSL/TLS, since that
> sounds like it could be the problem.
>
> Thanks,
> Karl
>
>
> On Wed, Sep 23, 2015 at 2:51 AM, Naveen.A.N <an...@searchblox.com>
> wrote:
>
>> Hi Karl,
>>
>> Yes I am using LDAP Authority Connection .
>> if I specify the port 636 it fails with Threw exception: 'Naming error:
>> domainname:636; socket closed'.
>>
>> On Wed, Sep 23, 2015 at 11:26 AM, Karl Wright <da...@gmail.com> wrote:
>>
>> > Hi Naveen,
>> >
>> > Can you back up a bit, and start with what connector you are using? Is
>> > this the LDAP authority? If so, you can specify the port.
>> >
>> > Karl
>> >
>> >
>> > On Tue, Sep 22, 2015 at 10:27 PM, Naveen.A.N <an...@searchblox.com>
>> > wrote:
>> >
>> > > Hi,
>> > >
>> > > When i try to connect an LDAP server it gives me this error
>> > >
>> > > *Threw exception: 'Naming error: [LDAP: error code 8 - 00002028:
>> LdapErr:
>> > > DSID-0C090202, comment: The server requires binds to turn on integrity
>> > > checking if SSL\TLS are not already active on the connection, data 0,
>> > > v2580�]'*
>> > >
>> > > When i try to use the ldp.exe and try everything was working fine. I
>> > found
>> > > that if a server uses Required signature in LDAP server it cause this
>> > > issue. Is there any way to fix this?
>> > >
>> > > Is there a way to query the secured port?
>> > > --
>> > > Thanks and Regards,
>> > > Naveen A.N
>> > >
>> >
>>
>>
>>
>> --
>> Thanks and Regards,
>> Naveen A.N
>> Lead Software Developer
>> SearchBlox Software, Inc.
>> www.searchblox.com
>> Ph: +91 9445389179
>>
>
>
Re: Require signature with LDAP
Posted by Karl Wright <da...@gmail.com>.
I'm afraid all that the LDAP connector does is use the provided Java LDAP
library to connect to LDAP. You'll have to play around with it until you
can get it to work. Once you figure it out, I'd be happy to change
whatever code is needed to help it work in your environment.
I'd consider figuring out first of all how to turn on SSL/TLS, since that
sounds like it could be the problem.
Thanks,
Karl
On Wed, Sep 23, 2015 at 2:51 AM, Naveen.A.N <an...@searchblox.com> wrote:
> Hi Karl,
>
> Yes I am using LDAP Authority Connection .
> if I specify the port 636 it fails with Threw exception: 'Naming error:
> domainname:636; socket closed'.
>
> On Wed, Sep 23, 2015 at 11:26 AM, Karl Wright <da...@gmail.com> wrote:
>
> > Hi Naveen,
> >
> > Can you back up a bit, and start with what connector you are using? Is
> > this the LDAP authority? If so, you can specify the port.
> >
> > Karl
> >
> >
> > On Tue, Sep 22, 2015 at 10:27 PM, Naveen.A.N <an...@searchblox.com>
> > wrote:
> >
> > > Hi,
> > >
> > > When i try to connect an LDAP server it gives me this error
> > >
> > > *Threw exception: 'Naming error: [LDAP: error code 8 - 00002028:
> LdapErr:
> > > DSID-0C090202, comment: The server requires binds to turn on integrity
> > > checking if SSL\TLS are not already active on the connection, data 0,
> > > v2580�]'*
> > >
> > > When i try to use the ldp.exe and try everything was working fine. I
> > found
> > > that if a server uses Required signature in LDAP server it cause this
> > > issue. Is there any way to fix this?
> > >
> > > Is there a way to query the secured port?
> > > --
> > > Thanks and Regards,
> > > Naveen A.N
> > >
> >
>
>
>
> --
> Thanks and Regards,
> Naveen A.N
> Lead Software Developer
> SearchBlox Software, Inc.
> www.searchblox.com
> Ph: +91 9445389179
>
Re: Require signature with LDAP
Posted by "Naveen.A.N" <an...@searchblox.com>.
Hi Karl,
Yes I am using LDAP Authority Connection .
if I specify the port 636 it fails with Threw exception: 'Naming error:
domainname:636; socket closed'.
On Wed, Sep 23, 2015 at 11:26 AM, Karl Wright <da...@gmail.com> wrote:
> Hi Naveen,
>
> Can you back up a bit, and start with what connector you are using? Is
> this the LDAP authority? If so, you can specify the port.
>
> Karl
>
>
> On Tue, Sep 22, 2015 at 10:27 PM, Naveen.A.N <an...@searchblox.com>
> wrote:
>
> > Hi,
> >
> > When i try to connect an LDAP server it gives me this error
> >
> > *Threw exception: 'Naming error: [LDAP: error code 8 - 00002028: LdapErr:
> > DSID-0C090202, comment: The server requires binds to turn on integrity
> > checking if SSL\TLS are not already active on the connection, data 0,
> > v2580�]'*
> >
> > When i try to use the ldp.exe and try everything was working fine. I
> found
> > that if a server uses Required signature in LDAP server it cause this
> > issue. Is there any way to fix this?
> >
> > Is there a way to query the secured port?
> > --
> > Thanks and Regards,
> > Naveen A.N
> >
>
--
Thanks and Regards,
Naveen A.N
Lead Software Developer
SearchBlox Software, Inc.
www.searchblox.com
Ph: +91 9445389179
Re: Require signature with LDAP
Posted by Karl Wright <da...@gmail.com>.
Hi Naveen,
Can you back up a bit, and start with what connector you are using? Is
this the LDAP authority? If so, you can specify the port.
Karl
On Tue, Sep 22, 2015 at 10:27 PM, Naveen.A.N <an...@searchblox.com> wrote:
> Hi,
>
> When i try to connect an LDAP server it gives me this error
>
> *Threw exception: 'Naming error: [LDAP: error code 8 - 00002028: LdapErr:
> DSID-0C090202, comment: The server requires binds to turn on integrity
> checking if SSL\TLS are not already active on the connection, data 0,
> v2580�]'*
>
> When i try to use the ldp.exe and try everything was working fine. I found
> that if a server uses Required signature in LDAP server it cause this
> issue. Is there any way to fix this?
>
> Is there a way to query the secured port?
> --
> Thanks and Regards,
> Naveen A.N
>