Search Results

Search found 26263 results on 1051 pages for 'linux guest'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 335/1051 | < Previous Page | 331 332 333 334 335 336 337 338 339 340 341 342  | Next Page >

  • ls returns nothing only in certain directories

    - by Jakobud
    I have a raid drive mounted here: /data/ And certain directories like this one: /data/somedir/somesubdir/ when I run ls w/ or w/o any flags, terminal doesn't return anything. It does not return an empty directory listing. It simply goes to the next line and sits there blank with no prompt coming up. I cannot CTRL-C out of it. I have to close this terminal instance and start over. At first I thought it was something to do with the ls command, but its pointing to /bin/ls and I can ls other directories just fine. Also, running this find /data/somedir/somesubdir immediately finds all the files just as expected.

    Read the article

  • Trouble with apache saarting on boot with ssl api key

    - by molleman
    Im Running on Centos, the trouble is when i restart my server i need to start my apache and varnish service I use this to start both of them service httpd restart && service varnish restart But i would likw both of them to start when i reboot the server I read i could use this chkconfig httpd on But this is only for apache could i do this chkconfig varnish on Finally when i do y usual start of httpd , i am asked for my api key for SSL , am i able to incorporate this into resarting both varnish and httpd on start up. Or am i doomed to run this command everytime i resart

    Read the article

  • MegaCLI always returns blank output

    - by JamesHannah
    This server is a Dell R200 running Ubuntu 8.04LTS using a LSI SAS1068E raid card supplied from Dell, I suspect that there might be some kind of RAID issue with the hardware raid built into the motherboard, but I can't seem to get MegaCLi to return any useful output: root@81 $ ./MegaCli -AdpAllInfo -aALL root@81 $ ./MegaCli -PDList -aALL root@81 $ The disks work and AFAIK the raid software is installed correctly. I've seen this issue on RedHat issues also in the past. The RAID was initially setup through the BIOS on this server and appears to be functioning fine apart from this.

    Read the article

  • Debian 7: "Failure of key exchange and association"

    - by pyrogoggles
    I'm installing Debian using the Live CD with GNOME and the non-free packages. The internet works just fine when using the live CD, but when you try to open the installer and select a network, it gives me the error of "Failure of key exchange and association". I've put everything in right, and tried multiple times. However, it never works. Am I just going to have to use ethernet to install? Thanks, people.

    Read the article

  • What does the suffix 'w' and 'd' mean with 'TIME+' in top?

    - by ssapkota
    Here's a chunk of the top from my server: PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND 18878 www-data 20 0 200m 13m 4704 S 0 0.2 0:00.07 apache2 12374 root 20 0 197m 9460 4480 S 0 0.1 21212906w apache2 9136 root 20 0 79100 3488 2716 S 0 0.0 54518724d sshd I know the TIME+ means the total CPU time the task has used since it started. But in the above output, I simply couldn't understand what 21212906w and 54518724d mean? some considerable no of processes are showing the TIME+ with w and d prefixed. What does this mean? Is the server in trouble? Just to let you know - the server uptime is 4days. EDIT: - I can guess these refer week and days. If so why is it so large considering the uptime? - The server has 8 cores.

    Read the article

  • OSSEC agent behind NAT

    - by Eric
    I am working on an OSSEC deployment where I will have multiple agents behind 1 public IP. Below is an example of the setup Private Network OSSEC-Agent1 (192.168.1.10) OSSEC-Agent2 (192.168.50.33) OSSEC-Agent3 (10.10.10.1) Those IPs NAT to 1 public IP (1.1.1.1) Then 1.1.1.1 talks to the public OSSEC server on 2.2.2.2 I've read some OSSEC documentation talking about NAT here, but it doesn't tell me exactly what I need to know. Their example is using an entire /24 subnet and mine will mainly have multiple agents to only 1 public IP. With the setup so far, I brought Agent1 online fine and it is communicating to the OSSEC server. However Agent2 continues to fail trying to connect to 2.2.2.2. Even though when I added the key, I had the correct name for it, so I know it talked to the portal at least once for that information. I'm assuming it's just getting confused with the multiple keys to 1 public IP. I basically want to know if this is possible and/or if I'm just overlooking something simple. Any help would be greatly appreciated.

    Read the article

  • What does "link to unknown" mean?

    - by Question Overflow
    I just upgraded my server to Fedora 17 which made a switch of my bootloader from GRUB Legacy to GRUB2. There are two symbolic links in the /etc folder that points to the files grub.conf and grub.cfg in /boot/grub and /boot/grub2 respectively. Though the targets seem correct, the link icons are displaying an X status which seems to indicate that the links are broken. Upon right-clicking the property type, it states "link to unknown". The file size of the link corresponds exactly with the file size of the target file, so, why does the links appear to be broken? The image of the link icons: As requested, the following are the outputs from the commands: $ ls -l /etc/grub.conf lrwxrwxrwx. 1 root root 22 Jul 14 2011 /etc/grub.conf -> ../boot/grub/grub.conf $ ls -l /etc/grub2.cfg lrwxrwxrwx. 1 root root 22 Dec 10 18:57 /etc/grub2.cfg -> ../boot/grub2/grub.cfg

    Read the article

  • I install Ubuntu 13.10 and reboot and im on KDE desktop?

    - by jgamer578
    Hi I'm Jacob and I have no idea what's going on. I installed Ubuntu 13.10 today and was playing around with it for a while and dl'd a bunch of apps from software center and stuff. Eventually I installed steam and (finally) got it working. I downloaded TF2 and had some weird issue where the screen got so distorted to the point I could not play. So I dl'd a driver for my graphics card from the additional drivers app (or whatever it's called) and when it was done I restarted my computer (because it said to.) When the PC booted up it loaded the KDE desktop and I have no idea why. I had unity before I rebooted. Ubuntu 13.10 is the only OS installed on my PC, and I still have all the apps that I downloaded, but I kinda like unity (I started using Ubuntu after they switched to unity) and want it back. Thanks for reading and any help in advance, Jacob.

    Read the article

  • Copying symbolic links and filenames with special characters to NAS

    - by Mr E
    I have a new Western Digital My Book Live NAS. I am trying to copy files from an old drive to the NAS. I'm using Ubuntu 12.04 and I've mounted the drive by browsing the network in Nautilus and choosing a shared folder configured on the NAS. The shared folder is then automatically mounted at .gvfs/files on mybooklive. There are two problems so far: File names and directory names containing certain characters (e.g. : or |). Attempting to copy these results in the error message: cp: cannot stat `/path/to/destination.filename': Invalid argument Symbolic links. In Nautilus I get the error message: Symlinks not supported by backend My questions are: Can I connect to the NAS or configure the NAS so that I can copy my files without this problem? (In case it matters, I don't need Windows compatibility.) If not, what can I do to identify all the problem files? Can I do anything to automatically fix my filenames Please let me know if any of this needs clarification. I'm not too familiar with all of this so I may have left out some useful information.

    Read the article

  • Windows 8 won't boot after Boot Repair

    - by Rudolph Gottesheim
    I've got a Sony Vaio laptop. Until yesterday I had Windows 7 and Ubuntu 12.04 installed. Today I upgraded to Windows 8, which killed my OS selection screen. So I booted to Ubuntu 12.10 from a USB stick and ran Boot Repair. This recovered the GRUB screen and let me boot into my Ubuntu 12.04 installation, but now I can' boot Windows 8. When I select the option that booted Windows 7 before, it looks like it wants to start Windows 7 (sic) again (black screen, with the text "Windows is loading" or something), but then reboots the machine after a few seconds. I'm sure Boot Repair can fix this, but I know far too little about the whole booting thing to know the right settings for it. Here's my boot repair report thing.

    Read the article

  • How to solve "Broken Pipe" error when using awk with head

    - by Jon
    I'm getting broken pipe errors from a command that does something like: ls -tr1 /a/path | awk -F '\n' -vpath=/prepend/path/ '{print path$1}' | head -n 50 Essentially I want to list (with absolute path) the oldest X files in a directory. What seems to happen is that the output is correct (I get 50 file paths output) but that when head has output the 50 files it closes stdin causing awk to throw a broken pipe error as it is still outputting more rows.

    Read the article

  • Wake On Lan for Fedora 12

    - by Toymakerii
    I have a fedora 12 box that I am using as a sandbox for web development and a few other toys. The box gets really hot so I would like it to sleep/hibernate when no one is using it, however most of the people connecting to the box will not be able to access it physically. Is it possible to set up a Wake On Lan that wakes up the machine when it detects an SSH connection? A google search didn't yield much information. (or atleast I wasn't smart enough to register it as useful!)

    Read the article

  • Stop squid caching 302 and 307 with deny_info

    - by 0xception
    TLDR: 302, 307 and Error pages are being cached. Need to force a refresh of the content. Long version: I've setup a very minimal squid instance running on a gateway which shouldn't not cache ANYTHING but needs to be solely used as a domain based web filter. I'm using another application which redirects un-authenticated users to the proxy which then uses the deny_info option redirects any non-whitelisted request to the login page. After the user has authenticated the firewall rule gets placed so they no longer get sent to the proxy. The problem is that when a user hits a website (xkcd.com) they are unauthenticated so they get redirected via the firewall: iptables -A unknown-user -t nat -p tcp --dport 80 -j REDIRECT --to-port 39135 to the proxy at this point squid redirects the user to the login page using a 302 (i've also tried 307, and i've also make sure the headers are set to no-cache and/or no-store for Cache-Control and Pragma). Then when the user logs into the system they get firewall rule which no longer directs them to the squid proxy. But if they go to xkcd.com again they will have the original redirection page cached and will once again get the login page. Any idea how to force these redirects to NOT be cached by the browser? Perhaps this is a problem w/ the browsers and not squid, but not sure how to get around it. Full squid config below. # # Recommended minimum configuration: # acl manager proto cache_object acl localhost src 127.0.0.1/32 ::1 acl to_localhost dst 127.0.0.0/8 0.0.0.0/32 ::1 acl localnet src 192.168.182.0/23 # RFC1918 possible internal network acl localnet src fc00::/7 # RFC 4193 local private network range acl localnet src fe80::/10 # RFC 4291 link-local (directly plugged) machines acl https port 443 acl http port 80 acl CONNECT method CONNECT # # Disable Cache # cache deny all via off negative_ttl 0 seconds refresh_all_ims on #error_default_language en # Allow manager access only from localhost http_access allow manager localhost http_access deny manager # Deny access to anything other then http http_access deny !http # Deny CONNECT to other than secure SSL ports http_access deny CONNECT !https visible_hostname gate.ovatn.net # Disable memory pooling memory_pools off # Never use neigh cache objects for cgi-bin scripts hierarchy_stoplist cgi-bin ? # # URL rewrite Test Settings # #acl whitelist dstdomain "/etc/squid/domains-pre.lst" #url_rewrite_program /usr/lib/squid/redirector #url_rewrite_access allow !whitelist #url_rewrite_children 5 startup=0 idle=1 concurrency=0 #http_access allow all # # Deny Info Error Test # acl whitelist dstdomain "/etc/squid/domains-pre.lst" deny_info http://login.domain.com/ whitelist #deny_info ERR_ACCESS_DENIED whitelist http_access deny !whitelist http_access allow whitelist http_port 39135 transparent ## Debug Values access_log /var/log/squid/access-pre.log cache_log /var/log/squid/cache-pre.log # Production Values #access_log /dev/null #cache_log /dev/null # Set PID file pid_filename /var/run/gatekeeper-pre.pid SOLUTION: I believe I might have found a solution to this. After days and days trying to figure it out, only through a random stumble I found client_persistent_connections off server_persistent_connections off This did the trick. So it wasn't so much cache as it was a single persistent connection messing things up. W000T!

    Read the article

  • Unix Permissions issue with users belonging to the same group accessing a folder

    - by TK Kocheran
    I have a folder I'd really like to allow another user on this machine access to. I'm using mt-daapd to serve music to the network, so I'd like to enable the mt-daapd user to access my Music directory, /home/rfkrocktk/Music. The master user is rfkrocktk obviously. I've tried to set all of my permissions properly on the directory, but the mt-daapd user can't acces the files. I created a group called media-users and added both rfkrocktk and mt-daapd to it in order to give mt-daapd permission to simply read all of the files in that directory and subdirectories. If I run id on each of my users, here's what's displayed: $ id rfkrocktk > uid=1000(rfkrocktk) gid=1000(rfkrocktk) groups=1000(rfkrocktk),4(adm),20(dialout),24(cdrom),29(audio),46(plugdev),104(lpadmin),115(admin),120(sambashare),124(vboxusers),1001(jupiter),2002(media-users) $ id mt-daapd > uid=123(mt-daapd) gid=65534(nogroup) groups=65534(nogroup),2002(media-users) It definitely seems that both users are a part of the media-users group, so what could be going wrong? If I run ls -l on the actual Music directory to see its permissions, here's the output: drwxr-Sr-- 201 rfkrocktk media-users 12288 2011-01-13 12:26 Music If I run ls -l on the Music directory to get its children, here's the output: drwxr-Sr-- 3 rfkrocktk media-users 4096 2010-12-20 15:31 2DBoy drwxr-Sr-- 3 rfkrocktk media-users 4096 2010-05-25 12:50 ABBA drwxr-Sr-- 3 rfkrocktk media-users 4096 2009-12-28 15:19 Access Denied drwxr-Sr-- 10 rfkrocktk media-users 4096 2009-12-28 15:19 AC-DC drwxr-Sr-- 3 rfkrocktk media-users 4096 2009-12-28 15:19 Aerosmith drwxr-Sr-- 3 rfkrocktk media-users 4096 2010-06-04 10:45 A Flock of Seagulls drwxr-Sr-- 4 rfkrocktk media-users 4096 2010-05-28 18:13 Alestorm drwxr-Sr-- 3 rfkrocktk media-users 4096 2010-06-22 23:29 Amon Amarth drwxr-Sr-- 5 rfkrocktk media-users 4096 2009-12-28 15:19 Anberlin ... From this, it would seem that I should be able to access the folders from mt-daapd, but I can't. Running sudo -i -u mt-daapd ls -l /home/rfkrocktk/Music displays nothing, indicating to me that for whatever reason, mt-daapd doesn't have access to read the folder. What am I doing wrong?

    Read the article

  • Vim Stuck In Insert Mode

    - by Levi Hackwith
    I've been using Vim for several months now via my web host (they allow putty access). All of a sudden, the escape key has become unresponsive. I cannot exist insert or any other mode by simply hitting escape. I have to hit F1 which brings up the help in vim and kicks me into command mode. I'm most certain that my escape key on my keyboard is functioning fine since all of my windows shortcuts that use the escape key operate normally. I know this is a ridiculous question and I'm certain there's a lot more to look into regarding a solution. What I really need is a solid lead as to where to start looking. Things that might help: I'm using vim via putty I'm logging in using jailshell I'm not root

    Read the article

  • Secondary IP (eth0:0) acts like main server IP

    - by George Tasioulis
    I have a CentOS server, configured with 4 consecutive IPs: eth0 5.x.x.251 eth0:0 5.x.x.252 eth0:1 5.x.x.253 eth0:2 5.x.x.254 The problem is that all traffic goes out to the internet with eth0:0 (5.x.x.252) as the source IP, instead of eth0. # curl ifconfig.me 5.x.x.252 How can I fix this, so that all traffic goes out via eth0, ie my main IP? PS: My server is VPS running on a Xen dom0, the latter being configured in routed mode networking. Thanks in advance! Server configuration # ifconfig eth0 Link encap:Ethernet HWaddr 00:x:x:x:x:AE inet addr:5.x.x.251 Bcast:5.x.x.255 Mask:255.255.255.255 inet6 addr: fe80::x:x:x:x/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:14675569 errors:0 dropped:0 overruns:0 frame:0 TX packets:9463227 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:4122016502 (3.8 GiB) TX bytes:25959110751 (24.1 GiB) Interrupt:23 eth0:0 Link encap:Ethernet HWaddr 00:x:x:x:x:AE inet addr:5.x.x.252 Bcast:5.x.x.255 Mask:255.255.255.224 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 Interrupt:23 eth0:1 Link encap:Ethernet HWaddr 00:x:x:x:x:AE inet addr:5.x.x.253 Bcast:5.x.x.255 Mask:255.255.255.224 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 Interrupt:23 eth0:2 Link encap:Ethernet HWaddr 00:x:x:x:x:AE inet addr:5.x.x.254 Bcast:5.x.x.255 Mask:255.255.255.224 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 Interrupt:23 # cat /etc/hosts 127.0.0.1 localhost.localdomain localhost 5.x.x.251 [fqdn] [hostname] # cat ifcfg-eth0 DEVICE=eth0 BOOTPROTO=static ONBOOT=yes IPADDR=5.x.x.251 NETMASK=255.255.255.224 SCOPE="peer 5.x.y.82" # cat ifcfg-eth0:0 DEVICE=eth0:0 BOOTPROTO=static ONBOOT=yes IPADDR=5.x.x.252 NETMASK=255.255.255.224 # cat route-eth0 ADDRESS0=0.0.0.0 NETMASK0=0.0.0.0 GATEWAY0=5.x.y.82 # netstat -rn Kernel IP routing table Destination Gateway Genmask Flags MSS Window irtt Iface 5.x.y.82 0.0.0.0 255.255.255.255 UH 0 0 0 eth0 5.x.x.224 0.0.0.0 255.255.255.224 U 0 0 0 eth0 169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth0 0.0.0.0 5.x.y.82 0.0.0.0 UG 0 0 0 eth0

    Read the article

  • How do I remove Xen kernel and put normal kernel on RHEL 5

    - by yan bellavance
    I have 3 identical machines (hardware wise) that all have RHEL 5.3 installed. 2 of those machines have the Xen kernel and one doesnt. I cannot install nvidia drivers on the ones that have the xen kernel and so I was wondering how I managed to do this and how to replace them with normal kernels. Could this of happened during install time when for example I was queried on certain components to install? (development,virtualization, webserver)

    Read the article

  • help with xorg.conf: xrandr on one of two widescreen monitors; rhel5, kde, ATI Radeon X1300

    - by user35997
    Can anyone help with me configure my dual-screen monitors for rotation? I have xrandr 1.1. Have tried various approaches, nothing takes. I can't even get the xrandr options to show up in KDE's Display control panel. Thanks1 My lspci output: 03:00.0 VGA compatible controller: ATI Technologies Inc RV516 [Radeon X1300/X1550 Series] My current xorg.conf (works, minus screen rotation): # Xorg configuration created by system-config-display Section "ServerLayout" Identifier "Multihead layout" Screen 0 "aticonfig-Screen[0]" 0 0 InputDevice "Keyboard0" "CoreKeyboard" Option "Xinerama" "off" Option "Clone" "on" EndSection Section "Files" EndSection Section "Module" EndSection Section "InputDevice" Identifier "Keyboard0" Driver "kbd" Option "XkbModel" "pc105" Option "XkbLayout" "us" EndSection Section "Monitor" ### Comment all HorizSync and VertSync values to use DDC: Identifier "Monitor1" VendorName "Monitor Vendor" ModelName "Dell 2407WFP (Digital)" HorizSync 30.0 - 83.0 VertRefresh 56.0 - 76.0 Option "dpms" EndSection Section "Monitor" Identifier "aticonfig-Monitor[0]" Option "VendorName" "ATI Proprietary Driver" Option "ModelName" "Generic Autodetecting Monitor" Option "DPMS" "true" EndSection Section "Device" Identifier "Videocard0" Driver "vesa" EndSection Section "Device" Identifier "Videocard1" Driver "vesa" VendorName "Videocard Vendor" BoardName "ATI Technologies Inc RV516 [Radeon X1300/X1550 Series]" BusID "PCI:3:0:0" EndSection Section "Device" Identifier "aticonfig-Device[0]" Driver "fglrx" Option "DesktopSetup" "horizontal" EndSection Section "Screen" Identifier "Screen0" Device "Videocard0" DefaultDepth 16 SubSection "Display" Viewport 0 0 Depth 24 EndSubSection SubSection "Display" Viewport 0 0 Depth 16 EndSubSection EndSection Section "Screen" Identifier "Screen1" Device "Videocard1" Monitor "Monitor1" DefaultDepth 16 SubSection "Display" Viewport 0 0 Depth 16 Modes "1920x1200" "1280x1024" "800x600" EndSubSection EndSection Section "Screen" Identifier "aticonfig-Screen[0]" Device "aticonfig-Device[0]" Monitor "aticonfig-Monitor[0]" DefaultDepth 24 SubSection "Display" Viewport 0 0 Depth 24 Modes "1920x1200" "1280x1024" "800x600" EndSubSection EndSection

    Read the article

  • User and group permissions in access.conf

    - by Maddie
    How do I configure access.conf so that the following rule is applied? : Allow the user dia to connect from 192.152.100. Deny the user sim to connect from 192.152.100. Particularity : both the users dia (uid = 8389753) and sim (uid = 500) belong to the group sim (gid = 500) Yes, the user and group sim have the same name and the same id. With the follwing syntax, - : sim : 192.152.100. the user sim is denied, as well as dia (because dia belongs to the group sim). access.conf considers sim as being both the user and group. How do I specify that I want to deny the user sim, but at the same time allow the user dia ?

    Read the article

  • Persuading openldap to work with SSL on Ubuntu with cn=config

    - by Roger
    I simply cannot get this (TLS connection to openldap) to work and would appreciate some assistance. I have a working openldap server on ubuntu 10.04 LTS, it is configured to use cn=config and most of the info I can find for TLS seems to use the older slapd.conf file :-( I've been largely following the instructions here https://help.ubuntu.com/10.04/serverguide/C/openldap-server.html plus stuff I've read here and elsewhere - which of course could be part of the problem as I don't totally understand all of this yet! I have created an ssl.ldif file as follows; dn:cn=config add: olcTLSCipherSuite olcTLSCipherSuite: TLSV1+RSA:!NULL add: olcTLSCRLCheck olcTLSCRLCheck: none add: olcTLSVerifyClient olcTLSVerifyClient: never add: olcTLSCACertificateFile olcTLSCACertificateFile: /etc/ssl/certs/ldap_cacert.pem add: olcTLSCertificateFile olcTLSCertificateFile: /etc/ssl/certs/my.domain.com_slapd_cert.pem add: olcTLSCertificateKeyFile olcTLSCertificateKeyFile: /etc/ssl/private/my.domain.com_slapd_key.pem and I import it using the following command line ldapmodify -x -D cn=admin,dc=mydomain,dc=com -W -f ssl.ldif I have edited /etc/default/slapd so that it has the following services line; SLAPD_SERVICES="ldap:/// ldapi:/// ldaps:///" And everytime I'm making a change, I'm restarting slapd with /etc/init.d/slapd restart The following command line to test out the non TLS connection works fine; ldapsearch -d 9 -D cn=admin,dc=mydomain,dc=com -w mypassword \ -b dc=mydomain,dc=com -H "ldap://mydomain.com" "cn=roger*" But when I switch to ldaps using this command line; ldapsearch -d 9 -D cn=admin,dc=mydomain,dc=com -w mypassword \ -b dc=mydomain,dc=com -H "ldaps://mydomain.com" "cn=roger*" This is what I get; ldap_url_parse_ext(ldaps://mydomain.com) ldap_create ldap_url_parse_ext(ldaps://mydomain.com:636/??base) ldap_sasl_bind ldap_send_initial_request ldap_new_connection 1 1 0 ldap_int_open_connection ldap_connect_to_host: TCP mydomain.com:636 ldap_new_socket: 3 ldap_prepare_socket: 3 ldap_connect_to_host: Trying 127.0.0.1:636 ldap_pvt_connect: fd: 3 tm: -1 async: 0 TLS: can't connect: A TLS packet with unexpected length was received.. ldap_err2string ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1) Now if I check netstat -al I can see; tcp 0 0 *:www *:* LISTEN tcp 0 0 *:ssh *:* LISTEN tcp 0 0 *:https *:* LISTEN tcp 0 0 *:ldaps *:* LISTEN tcp 0 0 *:ldap *:* LISTEN I'm not sure if this is significant as well ... I suspect it is; openssl s_client -connect mydomain.com:636 -showcerts CONNECTED(00000003) 916:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:s23_lib.c:188: I think I've made all my certificates etc OK and here are the results of some checks; If I do this; certtool -e --infile /etc/ssl/certs/ldap_cacert.pem I get Chain verification output: Verified. certtool -e --infile /etc/ssl/certs/mydomain.com_slapd_cert.pem Gives "certtool: the last certificate is not self signed" but it otherwise seems OK? Where have I gone wrong? Surely getting openldap to run securely on ubuntu should be easy and not require a degree in rocket science! Any ideas?

    Read the article

  • can't figure out why apache LDAP auth fails

    - by SethG
    Suddenly, yesterday, one of my apache servers became unable to connect to my LDAP (AD) server. I have two sites running on that server, both of which use LDAP to auth against my AD server when a user logs in to either site. It had been working fine two days ago. For reasons unknown, as of yesterday, it stopped working. The error log only says this: auth_ldap authenticate: user foo authentication failed; URI /FrontPage [LDAP: ldap_simple_bind_s() failed][Can't contact LDAP server], referer: http://mysite.com/ I thought perhaps my self-signed SSL cert had expired, so I created a new one for mysite.com, but not for the server hostname itself, and the problem persisted. I enabled debug-level logging. It shows the full SSL transaction with the LDAP server, and it appears to complete without errors until the very end when I get the "Can't contact LDAP server" message. I can run ldapsearch from the commandline on this server, and I can login to it, which also uses LDAP, so I know that the server can connect to and query the LDAP/AD server. It is only apache that cannot connect. Googling for an answer has turned up nothing, so I'm asking here. Can anybody provide insight to this problem? Here's the LDAP section from the apache config: <Directory "/web/wiki/"> Order allow,deny Allow from all AuthType Basic AuthName "Login" AuthBasicProvider ldap AuthzLDAPAuthoritative off #AuthBasicAuthoritative off AuthLDAPUrl ldaps://domain.server.ip/dc=full,dc=context,dc=server,dc=name?sAMAccountName?sub AuthLDAPBindDN cn=ldapbinduser,cn=Users,dc=full,dc=context,dc=server,dc=name AuthLDAPBindPassword password require valid-user </Directory>

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 331 332 333 334 335 336 337 338 339 340 341 342  | Next Page >