ldap_bind: Confidentiality required (13)
21,634
Solution 1
In /etc/ldap/ldap.conf
, set:
SSL start_tls
TLS_REQCERT never
(Add the second line if you're using a self-signed certificate.)
Solution 2
From the openldap site I found this that should help you
Normally the error message in your subject is as a result of the server requiring encryption of some kind. For example, you might have set:
security tls=1
or similar, in which case you need to use ldaps://
or start_tls (-Z
):
[bgmilne@comanche ~]$ ldapsearch -x -LLL "(uid=bgmilne)" 1.1
ldap_bind: Confidentiality required (13)
additional info: TLS confidentiality required
[bgmilne@comanche ~]$ ldapsearch -Z -x -LLL "(uid=bgmilne)" 1.1
dn: uid=bgmilne,ou=People,dc=ranger,dc=dnsalias,dc=com
A quick summery is open a terminal and use
ldaps://
or
start_tls (-Z):
To start your prosses
Related videos on Youtube
Author by
Sayed Ahmad
Updated on September 18, 2022Comments
-
Sayed Ahmad over 1 year
I want to configure ldap with ssl so I used openssl for certificate and when I enable olcSecurity tls=1 in /etc/ldap/slapd.d/cn=config.ldif and now when I try to use ldapsearch or try to login it gives this message ldap_bind: Confidentiality required (13). Help please
-
Sayed Ahmad over 9 yearsnot working again I am getting the same error message
-
Sayed Ahmad over 9 yearsthis command shows nothing
-
Mark Kirby over 9 yearsDoes the following mean anything to you You must have a "ssf" setting in your slapd.conf/slapd.d
-
Sayed Ahmad over 9 yearsyes I try both of them but I don't know about ssf
-
Mark Kirby over 9 yearsI dont use the program so just trying to troubleshoot here : Does this mean anything to you : Turn on the "Allow Clear Text Password" or tick off the "Required TLS for simple binds with password" box on the LDAP Group object in ConsoleOne
-
Mark Kirby over 9 yearsThis is a very complex subject I beleve this information may be useful to you linuxlasse.net/linux/howtos/…
-
Greg Schmit about 7 yearsThe -Z option you mentioned helped me. I don't know why I didn't think of it since I used it with ldapsearch...
-
NicoKowe almost 5 yearsThe answer is below. add -Z to ldapsearch