OpenLdap TLS authentication setup

tls ubuntu-12.04 openldap

These are SINGLE-VALUE. Use replace instead of add.

Also note, changes in the attributes may require a restart of slapd. (Not everything is a run-time configurable as we'd like.)

Your schema is probably:

attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.0.70 NAME 'olcTLSCertificateFile' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.0.71 NAME 'olcTLSCertificateKeyFile' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )

A little explaination: ldapmodify add causes slapd to make sure you aren't putting in the attribute valie pair twice by doing an equality match. From what I can tell it should be using 2.5.13.6 NAME 'caseExactOrderingMatch', but I've not sure I've ever tried an add for these attributes. This behavior might be completely normal.

Related

Linux - if I change the hostname, which services need to be restarted?
SSD for swap on Ubuntu server
How to cap bandwidth usage on AWS EC2?
AWS VPC - why have a private subnet at all?
How safe are Windows Active Directory Schema Updates?
How to check postfix server using telnet
How to get free space from mounted drive Redhat 7
iptables nat does not exist
SSH session never closes when executing "apt-get install"
Where can I look up for the ntpd log?
How to safely kick out other users logged in as root?
Barracuda spam filter alternative - virtualization/appliance friendly?