I'm looking for a tool that will allow me to create Windows shortcuts on a Unix (BSD) machine. Can anyone point me to one? Thanks in advance.
I'm having a hard time migrating our openldap installation from Debian to RedHat.
Two instances of openldap are running, they have the same configuration, except that one handles ldap: requests, and the other one ldaps: requests.
netstat shows that they are both listening:
sudo netstat -avp --tcp | grep ldap
tcp 0 0 *:ldap *:* LISTEN 11348/slapd
tcp 0 0 vldap-test-1.ceti.etat-:ssh 10.137.79.116:50842 ESTABLISHED 10461/sshd
tcp 0 0 vldap-test-1.ceti.etat-:ssh 10.137.79.116:49164 ESTABLISHED 7993/sshd
tcp 0 64 vldap-test-1.ceti.etat-:ssh 10.137.79.116:50815 ESTABLISHED 10281/sshd
tcp 0 0 *:ldaps *:* LISTEN 11344/slapd
tcp 0 0 *:ldap *:* LISTEN 11348/slapd
I'm not sure why two lines are shown for ldap, and only one for ldaps... whatever...
The ldap: requests work fine, but the ldaps: requests don't.
What's more puzzling, is that when I type the following command:
sudo openssl s_client -connect vldap-test-1:636 -showcerts
Or, with the IP address:
sudo openssl s_client -connect 10.145.24.112:636 -showcerts
I'm getting:
socket: Connection refused
connect:errno=111
whereas when I use localhost (not 127.0.0.1):
sudo openssl s_client -connect localhost:636 -showcerts
I'm getting:
CONNECTED(00000003)
depth=0 CN = vldap-test, OU = DGSI, O = Etat, L = GE, ST = GE, C = CH
verify error:num=18:self signed certificate
verify return:1
depth=0 CN = vldap-test, OU = DGSI, O = Etat, L = GE, ST = GE, C = CH
verify return:1
---
Certificate chain
0 s:/CN=vldap-test/OU=DGSI/O=Etat/L=GE/ST=GE/C=CH
i:/CN=vldap-test/OU=DGSI/O=Etat/L=GE/ST=GE/C=CH
-----BEGIN CERTIFICATE-----
MIICOzCCAaSgAwIBAgICBNIwDQYJKoZIhvcNAQEFBQAwWjETMBEGA1UEAxMKdmxk
YXAtdGVzdDENMAsGA1UECxMEREdTSTENMAsGA1UEChMERXRhdDELMAkGA1UEBxMC
... etc...
Can anyone help me understand what's happening here?
Thanks in advance
UPDATE:
It seems that the ldap: instance is listening both IPv6 and IPv4 but the ldaps: version is listening only IPv6.
How can I fix this?
I am trying to implement kerberos SSO in our network using spnego on a tomcat server.
We have created an account (TCNKRBGINA) on the domain for the preauthentication, and setspn'ed it to the http server:
Setspn -A HTTPS/testtech.etat-ge.ch TCNKRBGINA
Setspn -A HTTP/testtech.etat-ge.ch TCNKRBGINA
But the client (IE or Firefox) sends an NTLM token instead of a kerberos ticket.
The problem doesn't seem to be on the server side because, when no Authorization header is sent, it correctly returns a 401 status code with a WWW-Authenticate: Negotiate header. The next request sent by the client contains the NTLM token, before the server had a chance to contact the domain controller.
I see that OpenLDAP has a backend for Unix sockets, but can it be used with IP sockets? or does an IP-socket backend exists?
I am using ubuntu 9.10, and I would like to associate thunderbird to all the files with the extension .eml. The problem is that is seems that ubuntu is attributing the mime type text/plain to these files, based on their content, which meens that if I set thunderbird as the default application for .eml files, all the other text files (.txt for instance) will be opened with thunderbird. Is it possible to add a rule to impose a mime type based on the file extension, regardless of its content?