• Welcome to Overclockers Forums! Join us to reply in threads, receive reduced ads, and to customize your site experience!

HowTO: Setup an LDAP server and Client CentOS 6.2

Overclockers is supported by our readers. When you click a link to make a purchase, we may earn a commission. Learn More.
cowlesav said:
First of all, thank you very much Stratus your posts have been quite helpful.

I am in the process of upgrading all of our infrastructure from EL5 to EL6, and have planned to do away with an old EL5.i386 ldap server for a while. I setup a new ldap server with a self signed cert and answering on port 636, all the SSL parts seem to work as planned.

Following the client instructions that you have posted got my client at least bound with my ldap server. I can run id, getent, even su into a user's home from root and see correct file permissions and such so that's all good. The main issue I am having is that I cannot login as any ldap user with a password. If I create or have in effect an ssh key, I have no problem logging in as a user, but otherwise a password is just not accepted.

We don't do ldap authentication, just authorization, relying on another kerberos system to do password verification, but for some reason that part just isn't working? I have seen posts all over the web about the Force Legacy options, or turning on ldap auth to see if it fools it in /etc/sysconfig/authconfig, but nothing I do seems to be effective. Any ideas would be most helpful.
Click to expand...



I found out my glitch was more of a kerberos issue than ldap, the centralized kerberos server that I auth against uses older crypto than Centos 6.x will allow, thus it won't even try to auth the password.

You can add an option to your krb5.conf file to allow_weak_crypto to bypass this and allow sha256 encryption to work.

I still have a few issues, updating the ldap now that I have it running, on my old servers I used the program cpu and had it modify the local ldap on the machine for me, now I get errors that it cannot contact the ldap server on localhost, and using a host to test ldap connections, to two new ldaps severs responds I cannot contact either of them.
 
cowlesav said:
I still have a few issues, updating the ldap now that I have it running, on my old servers I used the program cpu and had it modify the local ldap on the machine for me, now I get errors that it cannot contact the ldap server on localhost, and using a host to test ldap connections, to two new ldaps severs responds I cannot contact either of them.
Click to expand...

sorry I dont quite follow what you are saying. Can you explain?
 
Hi, Stratus_ss, it's so kind of you to post such a detailed tutorial of setting openldap and answer our questions so patiently. I need to setup an openLDAP with tls, which is driving me crazy!
I read dozens of howto pages and tested, but no luck. I also follow your setup, but suffers from the same problem with johnp3 and heshammhafez.

I guess that all problems are due to the certification. However, I didn't know how to solve it, could you give some hints? Thanks.

what I have done as follows:
Env: Virtual box + CentOS-6.3-i386-minimal.iso

Code: 
[root@localhost ~]# hostname
localhost
[root@localhost ~]# sed -i "s/HOSTNAME=localhost.localdomain/HOSTNAME=qinguan.local/g" /etc/sysconfig/network
[root@localhost ~]# cat /etc/hosts
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.0.12 qinguan.local
[root@localhost ~]# hostname qinguan.local
[root@localhost ~]# hostname
qinguan.local
[root@localhost ~]# service network restart
Shutting down interface eth0:                              [  OK  ]
Shutting down loopback interface:                          [  OK  ]
Bringing up loopback interface:                            [  OK  ]
Bringing up interface eth0:  
Determining IP information for eth0... done.
                                                           [  OK  ]
[root@localhost ~]# hostname
qinguan.local
[root@localhost ~]# hostname -f
qinguan.local
[root@localhost ~]# service iptables stop
iptables: Flushing firewall rules:                         [  OK  ]
iptables: Setting chains to policy ACCEPT: filter          [  OK  ]
iptables: Unloading modules:                               [  OK  ]
[root@localhost ~]# setenforce  0

——————————————————————————————————————

[root@localhost ~]# yum -y install openldap-servers openldap-clients
[root@localhost ~]# sed -i "s/dc=my-domain,dc=com/dc=qinguan,dc=local/g" /etc/openldap/slapd.d/cn\=config/olcDatabase\=\{2\}bdb.ldif 
[root@localhost ~]# echo "olcRootPW: password" >>/etc/openldap/slapd.d/cn\=config/olcDatabase\=\{2\}bdb.ldif 
[root@localhost ~]# echo "olcTLSCertificateFile: /etc/pki/tls/certs/qinguan_local_cert.pem " >>/etc/openldap/slapd.d/cn\=config/olcDatabase\=\{2\}bdb.ldif 
[root@localhost ~]# echo "olcTLSCertificateKeyFile: /etc/pki/tls/certs/qinguan_local_key.pem " >>/etc/openldap/slapd.d/cn\=config/olcDatabase\=\{2\}bdb.ldif 
[root@localhost ~]# sed -i "s/cn=manager,dc=my-domain,dc=com/cn=Manager,dc=qinguan,dc=local/g" /etc/openldap/slapd.d/cn\=config/olcDatabase\=\{1\}monitor.ldif 
[root@localhost ~]# cp /usr/share/openldap-servers/DB_CONFIG.example /var/lib/ldap/DB_CONFIG
[root@localhost ~]# chown -Rf ldap:ldap /var/lib/ldap/
[root@localhost ~]# sed -i "s/SLAPD_LDAPS=no/SLAPD_LDAPS=yes/g" /etc/sysconfig/ldap
[root@localhost ~]# openssl req -new -x509 -nodes -out /etc/pki/tls/certs/qinguan_local_cert.pem -keyout /etc/pki/tls/certs/qinguan_local_key.pem -days 3650
Generating a 2048 bit RSA private key
................................................................................................................................................+++
..................+++
writing new private key to '/etc/pki/tls/certs/qinguan_local_key.pem'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:
State or Province Name (full name) []:
Locality Name (eg, city) [Default City]:
Organization Name (eg, company) [Default Company Ltd]:
Organizational Unit Name (eg, section) []:
Common Name (eg, your name or your server's hostname) []:qinguan.local
Email Address []:
[root@localhost ~]# chown -Rf ldap. /etc/pki/tls/certs/qinguan_local_*.pem
[root@localhost ~]# chmod 644 /etc/pki/tls/certs/qinguan_local_*.pem
[root@localhost ~]# ll /etc/pki/tls/certs/
total 1212
-rw-r--r--. 1 root root 571450 Apr  7  2010 ca-bundle.crt
-rw-r--r--. 1 root root 651083 Apr  7  2010 ca-bundle.trust.crt
-rwxr-xr-x. 1 root root    610 May 30  2012 make-dummy-cert
-rw-r--r--. 1 root root   2242 May 30  2012 Makefile
-rw-r--r--. 1 ldap ldap   1285 Dec 30 19:23 qinguan_local_cert.pem
-rw-r--r--. 1 ldap ldap   1704 Dec 30 19:23 qinguan_local_key.pem
[root@localhost ~]# slaptest -u
config file testing succeeded
[root@localhost ~]# service slapd start
Starting slapd:                                            [  OK  ]
[root@localhost ~]# ps -ef | grep slapd | grep -v grep
ldap      1366     1 62 19:00 ?        00:15:10 /usr/sbin/slapd -h  ldap:/// ldaps:/// ldapi:/// -u ldap
[root@localhost ~]# echo "TLS_CACERT /etc/pki/tls/certs/qinguan_local_cert.pem" >> /etc/openldap/ldap.conf 
[root@localhost ~]# echo "URI ldap://127.0.0.1" >> /etc/openldap/ldap.conf 
[root@localhost ~]# echo "BASE dc=qinguan,dc=local" >> /etc/openldap/ldap.conf 
[root@localhost ~]# ldapsearch -x -b "dc=qinguan,dc=local"
# extended LDIF
#
# LDAPv3
# base <dc=qinguan,dc=local> with scope subtree
# filter: (objectclass=*)
# requesting: ALL
#

# search result
search: 2
result: 32 No such object

# numResponses: 1
[root@localhost ~]# cat /etc/openldap/base.ldif 
dn: dc=qinguan,dc=local
dc: qinguan
objectClass: top
objectClass: domain

dn: ou=People,dc=qinguan,dc=local
ou: People
objectClass: top
objectClass: organizationalUnit

dn: ou=Group,dc=qinguan,dc=local
ou: Group
objectClass: top
objectClass: organizationalUnit

dn: uid=tester,ou=People,dc=qinguan,dc=local
uid: tester
cn: tester
objectClass: account
objectClass: posixAccount
objectClass: top
objectClass: shadowAccount
userPassword: password
shadowLastChange: 15140
shadowMin: 0
shadowMax: 99999
shadowWarning: 7
loginShell: /bin/bash
uidNumber: 1000
gidNumber: 1000
homeDirectory: /home/tester
[root@localhost ~]# ldapadd -x -w password -D "cn=Manager,dc=qinguan,dc=local" -f /etc/openldap/base.ldif 
adding new entry "dc=qinguan,dc=local"

adding new entry "ou=People,dc=qinguan,dc=local"

adding new entry "ou=Group,dc=qinguan,dc=local"

adding new entry "uid=tester,ou=People,dc=qinguan,dc=local"

[root@localhost ~]# ldapsearch -x -b "dc=qinguan,dc=local"
# extended LDIF
#
# LDAPv3
# base <dc=qinguan,dc=local> with scope subtree
# filter: (objectclass=*)
# requesting: ALL
#

# qinguan.local
dn: dc=qinguan,dc=local
dc: qinguan
objectClass: top
objectClass: domain

# People, qinguan.local
dn: ou=People,dc=qinguan,dc=local
ou: People
objectClass: top
objectClass: organizationalUnit

# Group, qinguan.local
dn: ou=Group,dc=qinguan,dc=local
ou: Group
objectClass: top
objectClass: organizationalUnit

# tester, People, qinguan.local
dn: uid=tester,ou=People,dc=qinguan,dc=local
uid: tester
cn: tester
objectClass: account
objectClass: posixAccount
objectClass: top
objectClass: shadowAccount
userPassword:: cGFzc3dvcmQ=
shadowLastChange: 15140
shadowMin: 0
shadowMax: 99999
shadowWarning: 7
loginShell: /bin/bash
uidNumber: 1000
gidNumber: 1000
homeDirectory: /home/tester

# search result
search: 2
result: 0 Success

# numResponses: 5
# numEntries: 4

——————————————————————————————————————
[root@localhost ~]# ldapsearch -x -H ldaps://localhost:636   [B]#hangs here[/B]
^C
[root@localhost ~]# ldapsearch -x -H ldaps://qinguan.local:636 -d 1
ldap_url_parse_ext(ldaps://qinguan.local:636)
ldap_create
ldap_url_parse_ext(ldaps://qinguan.local:636/??base)
ldap_sasl_bind
ldap_send_initial_request
ldap_new_connection 1 1 0
ldap_int_open_connection
ldap_connect_to_host: TCP qinguan.local:636
ldap_new_socket: 3
ldap_prepare_socket: 3
ldap_connect_to_host: Trying 192.168.0.12:636
ldap_pvt_connect: fd: 3 tm: -1 async: 0
TLS: loaded CA certificate file /etc/pki/tls/certs/qinguan_local_cert.pem.  #hangs here

——————————————————————————————————————
[root@localhost ~]# cat /etc/openldap/ldap.conf | grep -v "#"
TLS_CACERT /etc/pki/tls/certs/qinguan_local_cert.pem
URI ldap://127.0.0.1
BASE dc=qinguan,dc=local

[root@localhost ~]# openssl s_client -connect qinguan.local:636
CONNECTED(00000003)

[root@localhost ~]# openssl verify /etc/pki/tls/certs/qinguan_local_cert.pem 
/etc/pki/tls/certs/qinguan_local_cert.pem: C = XX, L = Default City, O = Default Company Ltd, CN = qinguan.local
error 18 at 0 depth lookup:self signed certificate
OK
[root@localhost ~]#
 
Last edited:
I haven't forgotten anyone :)

I am sitting through a brand new install today

qinguan: Thank you, that is most thorough, I will work through this right now and see if I can duplicate/fix the problem
 
So I have noted that there seems to be something wrong with slapd... or at least that is the process that is spinning out of control

I was able to reporduce qinguan's results, but I fired up top and noticed that it spun at 100%. I have a centos 6.2 box that I wrote this tutorial on which I am going to run the updates for and see if it has problems. It is currently in a working condition.

EDIT: for reference these are the packages currently installed on the working system

Code: 
abrt-2.0.8-6.el6.centos.x86_64
abrt-addon-ccpp-2.0.8-6.el6.centos.x86_64
abrt-addon-kerneloops-2.0.8-6.el6.centos.x86_64
abrt-addon-python-2.0.8-6.el6.centos.x86_64
abrt-cli-2.0.8-6.el6.centos.x86_64
abrt-desktop-2.0.8-6.el6.centos.x86_64
abrt-gui-2.0.8-6.el6.centos.x86_64
abrt-libs-2.0.8-6.el6.centos.x86_64
abrt-tui-2.0.8-6.el6.centos.x86_64
abyssinica-fonts-1.0-5.1.el6.noarch
acl-2.2.49-6.el6.x86_64
acpid-1.0.10-2.1.el6.x86_64
aic94xx-firmware-30-2.el6.noarch
alsa-lib-1.0.22-3.el6.x86_64
alsa-plugins-pulseaudio-1.0.21-3.el6.x86_64
alsa-utils-1.0.22-3.el6.x86_64
anthy-9100h-10.1.el6.x86_64
apr-1.3.9-5.el6_2.x86_64
apr-util-1.3.9-3.el6_0.1.x86_64
apr-util-ldap-1.3.9-3.el6_0.1.x86_64
at-3.1.10-43.el6_2.1.x86_64
atk-1.28.0-2.el6.x86_64
atlas-3.8.4-2.el6.x86_64
atmel-firmware-1.3-7.el6.noarch
at-spi-1.28.1-2.el6.centos.x86_64
at-spi-python-1.28.1-2.el6.centos.x86_64
attr-2.4.44-7.el6.x86_64
audit-2.2-2.el6.x86_64
audit-libs-2.2-2.el6.x86_64
audit-libs-python-2.2-2.el6.x86_64
augeas-libs-0.9.0-4.el6.x86_64
authconfig-6.1.12-10.el6.x86_64
authconfig-gtk-6.1.12-10.el6.x86_64
autofs-5.0.5-54.el6.x86_64
avahi-0.6.25-11.el6.x86_64
avahi-autoipd-0.6.25-11.el6.x86_64
avahi-glib-0.6.25-11.el6.x86_64
avahi-libs-0.6.25-11.el6.x86_64
b43-fwcutter-012-2.2.el6.x86_64
b43-openfwwf-5.2-4.el6.noarch
basesystem-10.0-4.el6.noarch
bash-4.1.2-9.el6_2.x86_64
bash-completion-20060301-1.el6.rf.noarch
bc-1.06.95-1.el6.x86_64
bfa-firmware-3.0.0.0-1.el6.noarch
bind-libs-9.8.2-0.10.rc1.el6_3.3.x86_64
bind-utils-9.8.2-0.10.rc1.el6_3.3.x86_64
binutils-2.20.51.0.2-5.34.el6.x86_64
biosdevname-0.3.11-1.el6.x86_64
blktrace-1.0.1-6.el6.x86_64
boost-1.41.0-11.el6_1.2.x86_64
boost-date-time-1.41.0-11.el6_1.2.x86_64
boost-filesystem-1.41.0-11.el6_1.2.x86_64
boost-graph-1.41.0-11.el6_1.2.x86_64
boost-iostreams-1.41.0-11.el6_1.2.x86_64
boost-program-options-1.41.0-11.el6_1.2.x86_64
boost-python-1.41.0-11.el6_1.2.x86_64
boost-regex-1.41.0-11.el6_1.2.x86_64
boost-serialization-1.41.0-11.el6_1.2.x86_64
boost-signals-1.41.0-11.el6_1.2.x86_64
boost-system-1.41.0-11.el6_1.2.x86_64
boost-test-1.41.0-11.el6_1.2.x86_64
boost-thread-1.41.0-11.el6_1.2.x86_64
boost-wave-1.41.0-11.el6_1.2.x86_64
bridge-utils-1.2-9.el6.x86_64
btparser-0.16-3.el6.x86_64
busybox-1.15.1-15.el6.x86_64
bzip2-1.0.5-7.el6_0.x86_64
bzip2-libs-1.0.5-7.el6_0.x86_64
ca-certificates-2010.63-3.el6_1.5.noarch
cairo-1.8.8-3.1.el6.x86_64
c-ares-1.7.0-6.el6.x86_64
cas-0.15-1.el6.1.noarch
cdparanoia-libs-10.2-5.1.el6.x86_64
centos-indexhtml-6-1.el6.centos.noarch
centos-release-6-3.el6.centos.9.x86_64
certmonger-0.56-1.el6.x86_64
checkpolicy-2.0.22-1.el6.x86_64
chkconfig-1.3.49.3-2.el6.x86_64
cifs-utils-4.8.1-10.el6.x86_64
cjkuni-fonts-common-0.2.20080216.1-35.el6.noarch
cjkuni-uming-fonts-0.2.20080216.1-35.el6.noarch
cloog-ppl-0.15.7-1.2.el6.x86_64
comps-extras-17.8-1.el6.noarch
ConsoleKit-0.4.1-3.el6.x86_64
ConsoleKit-libs-0.4.1-3.el6.x86_64
ConsoleKit-x11-0.4.1-3.el6.x86_64
control-center-2.28.1-37.el6.x86_64
control-center-extra-2.28.1-37.el6.x86_64
control-center-filesystem-2.28.1-37.el6.x86_64
coreutils-8.4-19.el6.x86_64
coreutils-libs-8.4-19.el6.x86_64
cpio-2.10-10.el6.x86_64
cpp-4.4.6-4.el6.x86_64
cpuspeed-1.5-15.el6.x86_64
cracklib-2.8.16-4.el6.x86_64
cracklib-dicts-2.8.16-4.el6.x86_64
cracklib-python-2.8.16-4.el6.x86_64
crash-6.0.4-2.el6.x86_64
crash-trace-command-1.0-4.el6.x86_64
crda-1.1.1_2010.11.22-1.el6.x86_64
cronie-1.4.4-7.el6.x86_64
cronie-anacron-1.4.4-7.el6.x86_64
crontabs-1.10-33.el6.noarch
crypto-utils-2.4.1-24.2.el6.x86_64
cryptsetup-luks-1.2.0-7.el6.x86_64
cryptsetup-luks-libs-1.2.0-7.el6.x86_64
cups-1.4.2-48.el6_3.1.x86_64
cups-libs-1.4.2-48.el6_3.1.x86_64
curl-7.19.7-26.el6_2.4.x86_64
cvs-1.11.23-11.el6_2.1.x86_64
cyrus-sasl-2.1.23-13.el6.x86_64
cyrus-sasl-gssapi-2.1.23-13.el6.x86_64
cyrus-sasl-lib-2.1.23-13.el6.x86_64
cyrus-sasl-md5-2.1.23-13.el6.x86_64
cyrus-sasl-plain-2.1.23-13.el6.x86_64
dash-0.5.5.1-3.1.el6.x86_64
db4-4.7.25-17.el6.x86_64
db4-utils-4.7.25-17.el6.x86_64
dbus-1.2.24-7.el6_3.x86_64
dbus-glib-0.86-5.el6.x86_64
dbus-libs-1.2.24-7.el6_3.x86_64
dbus-python-0.83.0-6.1.el6.x86_64
dbus-x11-1.2.24-7.el6_3.x86_64
dejavu-fonts-common-2.30-2.el6.noarch
dejavu-sans-fonts-2.30-2.el6.noarch
dejavu-sans-mono-fonts-2.30-2.el6.noarch
dejavu-serif-fonts-2.30-2.el6.noarch
desktop-file-utils-0.15-9.el6.x86_64
DeviceKit-power-014-3.el6.x86_64
device-mapper-1.02.74-10.el6.x86_64
device-mapper-event-1.02.74-10.el6.x86_64
device-mapper-event-libs-1.02.74-10.el6.x86_64
device-mapper-libs-1.02.74-10.el6.x86_64
dhclient-4.1.1-31.0.1.P1.el6.centos.1.x86_64
dhcp-common-4.1.1-31.0.1.P1.el6.centos.1.x86_64
diffutils-2.8.1-28.el6.x86_64
dmidecode-2.11-2.el6.x86_64
dmraid-1.0.0.rc16-11.el6.x86_64
dmraid-events-1.0.0.rc16-11.el6.x86_64
dmz-cursor-themes-0.4-4.el6.noarch
dnsmasq-2.48-6.el6.x86_64
docbook-dtds-1.0-51.el6.noarch
dosfstools-3.0.9-4.el6.x86_64
dracut-004-284.el6_3.noarch
dracut-kernel-004-284.el6_3.noarch
dstat-0.7.0-1.el6.noarch
e2fsprogs-1.41.12-12.el6.x86_64
e2fsprogs-libs-1.41.12-12.el6.x86_64
ed-1.1-3.3.el6.x86_64
efibootmgr-0.5.4-10.el6.x86_64
eggdbus-0.6-3.el6.x86_64
eject-2.1.5-17.el6.x86_64
elfutils-0.152-1.el6.x86_64
elfutils-libelf-0.152-1.el6.x86_64
elfutils-libs-0.152-1.el6.x86_64
eog-2.28.2-4.el6.x86_64
ethtool-2.6.33-0.3.el6.x86_64
evolution-data-server-2.28.3-15.el6.x86_64
exempi-2.1.0-5.el6.x86_64
expat-2.0.1-11.el6_2.x86_64
festival-1.96-18.el6.x86_64
festival-lib-1.96-18.el6.x86_64
festival-speechtools-libs-1.2.96-18.el6.x86_64
festvox-slt-arctic-hts-0.20061229-18.el6.noarch
file-5.04-13.el6.x86_64
file-libs-5.04-13.el6.x86_64
filesystem-2.4.30-3.el6.x86_64
findutils-4.4.2-6.el6.x86_64
fipscheck-1.2.0-7.el6.x86_64
fipscheck-lib-1.2.0-7.el6.x86_64
firefox-10.0.7-1.el6.centos.x86_64
firstboot-1.110.13-1.el6.x86_64
flac-1.2.1-6.1.el6.x86_64
fontconfig-2.8.0-3.el6.x86_64
fontpackages-filesystem-1.41-1.1.el6.noarch
foomatic-4.0.4-1.el6_1.1.x86_64
foomatic-db-4.0-7.20091126.el6.noarch
foomatic-db-filesystem-4.0-7.20091126.el6.noarch
foomatic-db-ppds-4.0-7.20091126.el6.noarch
fprintd-0.1-20.git04fd09cfa.el6.x86_64
fprintd-pam-0.1-20.git04fd09cfa.el6.x86_64
freetype-2.3.11-6.el6_2.9.x86_64
fuse-2.8.3-4.el6.x86_64
fuse-libs-2.8.3-4.el6.x86_64
gamin-0.1.10-9.el6.x86_64
gawk-3.1.7-9.el6.x86_64
gcc-4.4.6-4.el6.x86_64
GConf2-2.28.0-6.el6.x86_64
GConf2-gtk-2.28.0-6.el6.x86_64
gd-2.0.35-10.el6.x86_64
gdb-7.2-56.el6.x86_64
gdbm-1.8.0-36.el6.x86_64
gdm-2.30.4-33.el6_2.x86_64
gdm-libs-2.30.4-33.el6_2.x86_64
gdm-plugin-fingerprint-2.30.4-33.el6_2.x86_64
gdm-user-switch-applet-2.30.4-33.el6_2.x86_64
gettext-0.17-16.el6.x86_64
ghostscript-8.70-14.el6_3.1.x86_64
ghostscript-fonts-5.50-23.1.el6.noarch
giflib-4.1.6-3.1.el6.x86_64
glib2-2.22.5-7.el6.x86_64
glibc-2.12-1.80.el6_3.5.x86_64
glibc-common-2.12-1.80.el6_3.5.x86_64
glibc-devel-2.12-1.80.el6_3.5.x86_64
glibc-headers-2.12-1.80.el6_3.5.x86_64
glx-utils-7.11-5.el6.x86_64
gmp-4.3.1-7.el6_2.2.x86_64
gnome-applets-2.28.0-7.el6.centos.x86_64
gnome-bluetooth-libs-2.28.6-8.el6.x86_64
gnome-desktop-2.28.2-9.el6.centos.x86_64
gnome-disk-utility-libs-2.30.1-2.el6.x86_64
gnome-doc-utils-stylesheets-0.18.1-1.el6.noarch
gnome-icon-theme-2.28.0-2.el6.noarch
gnome-keyring-2.28.2-7.el6.x86_64
gnome-keyring-pam-2.28.2-7.el6.x86_64
gnome-mag-0.15.9-2.el6.x86_64
gnome-media-2.29.91-6.el6.x86_64
gnome-media-libs-2.29.91-6.el6.x86_64
gnome-menus-2.28.0-4.el6.x86_64
gnome-packagekit-2.28.3-4.el6_3.x86_64
gnome-panel-2.30.2-14.el6.x86_64
gnome-panel-libs-2.30.2-14.el6.x86_64
gnome-power-manager-2.28.3-6.el6_2.x86_64
gnome-python2-2.28.0-3.el6.x86_64
gnome-python2-applet-2.28.0-4.el6.x86_64
gnome-python2-bonobo-2.28.0-3.el6.x86_64
gnome-python2-canvas-2.28.0-3.el6.x86_64
gnome-python2-desktop-2.28.0-4.el6.x86_64
gnome-python2-extras-2.25.3-20.el6.x86_64
gnome-python2-gconf-2.28.0-3.el6.x86_64
gnome-python2-gnome-2.28.0-3.el6.x86_64
gnome-python2-gnomekeyring-2.28.0-4.el6.x86_64
gnome-python2-gnomevfs-2.28.0-3.el6.x86_64
gnome-python2-libegg-2.25.3-20.el6.x86_64
gnome-python2-libwnck-2.28.0-4.el6.x86_64
gnome-screensaver-2.28.3-18.el6.x86_64
gnome-session-2.28.0-18.el6.x86_64
gnome-session-xsession-2.28.0-18.el6.x86_64
gnome-settings-daemon-2.28.2-20.el6.x86_64
gnome-speech-0.4.25-3.1.el6.x86_64
gnome-terminal-2.31.3-7.el6.x86_64
gnome-themes-2.28.1-6.el6.noarch
gnome-user-docs-2.28.0-4.el6.noarch
gnome-vfs2-2.24.2-6.el6.x86_64
gnome-vfs2-smb-2.24.2-6.el6.x86_64
gnupg2-2.0.14-4.el6.x86_64
gnutls-2.8.5-4.el6_2.2.x86_64
gok-2.28.1-5.el6.x86_64
gpgme-1.1.8-3.el6.x86_64
gpm-libs-1.20.6-12.el6.x86_64
grep-2.6.3-3.el6.x86_64
groff-1.18.1.4-21.el6.x86_64
grub-0.97-77.el6.x86_64
grubby-7.0.15-3.el6.x86_64
gstreamer-0.10.29-1.el6.x86_64
gstreamer-plugins-base-0.10.29-1.el6.x86_64
gstreamer-plugins-good-0.10.23-1.el6.x86_64
gstreamer-tools-0.10.29-1.el6.x86_64
gtk2-2.18.9-10.el6.x86_64
gtk2-engines-2.18.4-5.el6.centos.x86_64
gtk2-immodule-xim-2.18.9-10.el6.x86_64
gucharmap-2.28.2-2.el6.x86_64
gvfs-1.4.3-12.el6.x86_64
gvfs-archive-1.4.3-12.el6.x86_64
gvfs-fuse-1.4.3-12.el6.x86_64
gvfs-smb-1.4.3-12.el6.x86_64
gzip-1.3.12-18.el6.x86_64
hal-0.5.14-11.el6.x86_64
hal-info-20090716-3.1.el6.noarch
hal-libs-0.5.14-11.el6.x86_64
hdparm-9.16-3.4.el6.x86_64
hesiod-3.1.0-19.el6.x86_64
hicolor-icon-theme-0.11-1.1.el6.noarch
httpd-2.2.15-15.el6.centos.1.x86_64
httpd-manual-2.2.15-15.el6.centos.1.noarch
httpd-tools-2.2.15-15.el6.centos.1.x86_64
hunspell-1.2.8-16.el6.x86_64
hunspell-en-0.20090216-7.1.el6.noarch
hwdata-0.233-7.8.el6.noarch
ibus-1.3.4-6.el6.x86_64
ibus-anthy-1.2.1-3.el6.x86_64
ibus-chewing-1.3.5.20100714-4.el6.x86_64
ibus-gtk-1.3.4-6.el6.x86_64
ibus-hangul-1.3.0.20100329-4.el6.x86_64
ibus-libs-1.3.4-6.el6.x86_64
ibus-m17n-1.3.0-2.el6.x86_64
ibus-pinyin-1.3.8-1.el6.x86_64
ibus-qt-1.3.0-2.el6.x86_64
ibus-rawcode-1.3.0.20100421-2.el6.x86_64
ibus-sayura-1.2.99.20100209-3.el6.x86_64
ibus-table-1.2.0.20100111-4.el6.noarch
ibus-table-additional-1.2.0.20100111-4.el6.noarch
idm-console-framework-1.1.7-2.el6.noarch
im-chooser-1.3.1-3.el6.x86_64
imsettings-0.108.0-3.6.el6.x86_64
imsettings-libs-0.108.0-3.6.el6.x86_64
info-4.13a-8.el6.x86_64
initscripts-9.03.31-2.el6.centos.1.x86_64
iok-1.3.13-2.el6.x86_64
iotop-0.3.2-3.el6.noarch
ipa-client-2.2.0-16.el6.x86_64
ipa-python-2.2.0-16.el6.x86_64
iproute-2.6.32-20.el6.x86_64
iptables-1.4.7-5.1.el6_2.x86_64
iptables-ipv6-1.4.7-5.1.el6_2.x86_64
iputils-20071127-16.el6.x86_64
ipw2100-firmware-1.3-11.el6.noarch
ipw2200-firmware-3.1-4.el6.noarch
irqbalance-0.55-35.el6_3.x86_64
iso-codes-3.16-2.el6.noarch
ivtv-firmware-20080701-20.2.noarch
iw-0.9.17-4.el6.x86_64
iwl1000-firmware-39.31.5.1-1.el6.noarch
iwl100-firmware-39.31.5.1-1.el6.noarch
iwl3945-firmware-15.32.2.9-4.el6.noarch
iwl4965-firmware-228.61.2.24-2.1.el6.noarch
iwl5000-firmware-8.83.5.1_1-1.el6_1.1.noarch
iwl5150-firmware-8.24.2.2-1.el6.noarch
iwl6000-firmware-9.221.4.1-1.el6.noarch
iwl6000g2a-firmware-17.168.5.3-1.el6.noarch
iwl6000g2b-firmware-17.168.5.2-1.el6.noarch
iwl6050-firmware-41.28.5.1-2.el6.noarch
jasper-libs-1.900.1-15.el6_1.1.x86_64
java-1.5.0-gcj-1.5.0.0-29.1.el6.x86_64
java-1.6.0-openjdk-1.6.0.0-1.49.1.11.4.el6_3.x86_64
java_cup-0.10k-5.el6.x86_64
jline-0.9.94-0.8.el6.noarch
jomolhari-fonts-0.003-8.1.el6.noarch
jpackage-utils-1.7.5-3.12.el6.noarch
jss-4.2.6-22.el6.x86_64
kasumi-2.5-1.1.el6.x86_64
kbd-1.15-11.el6.x86_64
kbd-misc-1.15-11.el6.noarch
kernel-2.6.32-220.23.1.el6.x86_64
kernel-2.6.32-220.el6.x86_64
kernel-2.6.32-279.9.1.el6.x86_64
kernel-devel-2.6.32-220.23.1.el6.x86_64
kernel-devel-2.6.32-220.el6.x86_64
kernel-devel-2.6.32-279.9.1.el6.x86_64
kernel-firmware-2.6.32-279.9.1.el6.noarch
kernel-headers-2.6.32-279.9.1.el6.x86_64
kexec-tools-2.0.0-245.el6.x86_64
keyutils-1.4-4.el6.x86_64
keyutils-libs-1.4-4.el6.x86_64
khmeros-base-fonts-5.0-9.el6.noarch
khmeros-fonts-common-5.0-9.el6.noarch
kpartx-0.4.9-56.el6_3.1.x86_64
krb5-libs-1.9-33.el6_3.3.x86_64
krb5-workstation-1.9-33.el6_3.3.x86_64
kurdit-unikurd-web-fonts-20020502-6.el6.noarch
latencytop-0.5-9.el6.x86_64
latencytop-common-0.5-9.el6.x86_64
latrace-0.5.9-2.el6.x86_64
lcms-libs-1.19-1.el6.x86_64
ldapjdk-4.18-6.el6.x86_64
less-436-10.el6.x86_64
libacl-2.2.49-6.el6.x86_64
libaio-0.3.107-10.el6.x86_64
libarchive-2.8.3-4.el6_2.x86_64
libart_lgpl-2.3.20-5.1.el6.x86_64
libasyncns-0.8-1.1.el6.x86_64
libatasmart-0.17-4.el6_2.x86_64
libattr-2.4.44-7.el6.x86_64
libavc1394-0.5.3-9.1.el6.x86_64
libblkid-2.17.2-12.7.el6.x86_64
libbonobo-2.24.2-5.el6.x86_64
libbonoboui-2.24.2-3.el6.x86_64
libcanberra-0.22-1.el6.centos.x86_64
libcanberra-gtk2-0.22-1.el6.centos.x86_64
libcap-2.16-5.5.el6.x86_64
libcap-ng-0.6.4-3.el6_0.1.x86_64
libcdio-0.81-3.1.el6.x86_64
libcgroup-0.37-4.el6.x86_64
libchewing-0.3.2-27.el6.x86_64
libcollection-0.6.0-9.el6.x86_64
libcom_err-1.41.12-12.el6.x86_64
libcroco-0.6.2-5.el6.x86_64
libcurl-7.19.7-26.el6_2.4.x86_64
libdaemon-0.14-1.el6.x86_64
libdhash-0.4.2-9.el6.x86_64
libdmx-1.1.0-1.el6.x86_64
libdrm-2.4.25-2.el6.x86_64
libdv-1.0.0-8.1.el6.x86_64
libedit-2.11-4.20080712cvs.1.el6.x86_64
liberation-fonts-common-1.05.1.20090721-5.el6.noarch
liberation-mono-fonts-1.05.1.20090721-5.el6.noarch
liberation-sans-fonts-1.05.1.20090721-5.el6.noarch
liberation-serif-fonts-1.05.1.20090721-5.el6.noarch
libertas-usb8388-firmware-5.110.22.p23-3.1.el6.noarch
libevent-1.4.13-4.el6.x86_64
libexif-0.6.21-5.el6_3.x86_64
libffi-3.0.5-3.2.el6.x86_64
libfontenc-1.0.5-2.el6.x86_64
libfprint-0.1.0-19.pre2.el6.x86_64
libgail-gnome-1.20.1-4.1.el6.centos.x86_64
libgcc-4.4.6-4.el6.x86_64
libgcj-4.4.6-4.el6.x86_64
libgcrypt-1.4.5-9.el6_2.2.x86_64
libgfortran-4.4.6-4.el6.x86_64
libglade2-2.6.4-3.1.el6.x86_64
libgnome-2.28.0-11.el6.x86_64
libgnomecanvas-2.26.0-4.el6.x86_64
libgnomekbd-2.28.2-2.el6.x86_64
libgnomeui-2.24.1-4.el6.x86_64
libgomp-4.4.6-4.el6.x86_64
libgpg-error-1.7-4.el6.x86_64
libgsf-1.14.15-5.el6.x86_64
libgssglue-0.1-11.el6.x86_64
libgtop2-2.28.0-3.el6.x86_64
libgudev1-147-2.42.el6.x86_64
libgweather-2.28.0-5.el6.x86_64
libgxim-0.3.3-3.1.el6.x86_64
libhangul-0.0.10-1.el6.x86_64
libical-0.43-5.1.el6.x86_64
libICE-1.0.6-1.el6.x86_64
libicu-4.2.1-9.1.el6_2.x86_64
libIDL-0.8.13-2.1.el6.x86_64
libidn-1.18-2.el6.x86_64
libiec61883-1.2.0-4.el6.x86_64
libini_config-0.6.1-9.el6.x86_64
libipa_hbac-1.8.0-32.el6.x86_64
libipa_hbac-python-1.8.0-32.el6.x86_64
libjpeg-6b-46.el6.x86_64
libldb-0.9.10-23.el6.x86_64
libmcpp-2.7.2-4.1.el6.x86_64
libmng-1.0.10-4.1.el6.x86_64
libnih-1.0.1-7.el6.x86_64
libnl-1.1-14.el6.x86_64
libnotify-0.5.0-1.el6.x86_64
libogg-1.1.4-2.1.el6.x86_64
liboil-0.3.16-4.1.el6.x86_64
libpath_utils-0.2.1-9.el6.x86_64
libpcap-1.0.0-6.20091201git117cb5.el6.x86_64
libpciaccess-0.12.1-1.el6.x86_64
libpng-1.2.49-1.el6_2.x86_64
libproxy-0.3.0-2.el6.x86_64
libproxy-bin-0.3.0-2.el6.x86_64
libproxy-python-0.3.0-2.el6.x86_64
libraw1394-2.0.4-1.el6.x86_64
libref_array-0.1.1-9.el6.x86_64
libreport-2.0.9-5.el6.centos.x86_64
libreport-cli-2.0.9-5.el6.centos.x86_64
libreport-gtk-2.0.9-5.el6.centos.x86_64
libreport-newt-2.0.9-5.el6.centos.x86_64
libreport-plugin-kerneloops-2.0.9-5.el6.centos.x86_64
libreport-plugin-logger-2.0.9-5.el6.centos.x86_64
libreport-plugin-mailx-2.0.9-5.el6.centos.x86_64
libreport-plugin-reportuploader-2.0.9-5.el6.centos.x86_64
libreport-plugin-rhtsupport-2.0.9-5.el6.centos.x86_64
libreport-python-2.0.9-5.el6.centos.x86_64
librsvg2-2.26.0-5.el6_1.1.0.1.centos.x86_64
libsamplerate-0.1.7-2.1.el6.x86_64
libselinux-2.0.94-5.3.el6.x86_64
libselinux-python-2.0.94-5.3.el6.x86_64
libselinux-utils-2.0.94-5.3.el6.x86_64
libsemanage-2.0.43-4.1.el6.x86_64
libsemanage-python-2.0.43-4.1.el6.x86_64
libsepol-2.0.41-4.el6.x86_64
libshout-2.2.2-5.1.el6.x86_64
libSM-1.1.0-7.1.el6.x86_64
libsmbclient0-3.6.6-44.el6.x86_64
libsndfile-1.0.20-5.el6.x86_64
libsoup-2.28.2-1.el6_1.1.x86_64
libss-1.41.12-12.el6.x86_64
libssh2-1.2.2-11.el6_3.x86_64
libstdc++-4.4.6-4.el6.x86_64
libtalloc-2.0.1-1.1.el6.x86_64
libtar-1.2.11-17.el6.x86_64
libtasn1-2.3-3.el6_2.1.x86_64
libtdb-1.2.1-3.el6.x86_64
libtevent-0.9.8-8.el6.x86_64
libthai-0.1.12-3.el6.x86_64
libtheora-1.1.0-2.el6.x86_64
libtiff-3.9.4-6.el6_3.x86_64
libtirpc-0.2.1-5.el6.x86_64
libtool-ltdl-2.2.6-15.5.el6.x86_64
libudev-147-2.42.el6.x86_64
libunistring-0.9.3-5.el6.x86_64
libusb-0.1.12-23.el6.x86_64
libusb1-1.0.9-0.5.rc1.el6.x86_64
libuser-0.56.13-5.el6.x86_64
libuser-python-0.56.13-5.el6.x86_64
libutempter-1.1.5-4.1.el6.x86_64
libuuid-2.17.2-12.7.el6.x86_64
libv4l-0.6.3-2.el6.x86_64
libvisual-0.4.0-9.1.el6.x86_64
libvorbis-1.2.3-4.el6_2.1.x86_64
libwacom-0.5-3.el6.x86_64
libwacom-data-0.5-3.el6.noarch
libwbclient0-3.6.6-44.el6.x86_64
libwnck-2.28.0-3.el6.x86_64
libX11-1.3-2.el6.x86_64
libX11-common-1.3-2.el6.noarch
libXau-1.0.5-1.el6.x86_64
libxcb-1.5-1.el6.x86_64
libXcomposite-0.4.1-2.el6.x86_64
libXcursor-1.1.10-2.el6.x86_64
libXdamage-1.1.2-1.el6.x86_64
libXdmcp-1.0.3-1.el6.x86_64
libXext-1.1-3.el6.x86_64
libXfixes-4.0.4-1.el6.x86_64
libXfont-1.4.1-2.el6_1.x86_64
libXft-2.1.13-4.1.el6.x86_64
libXi-1.3-3.el6.x86_64
libXinerama-1.1-1.el6.x86_64
libxkbfile-1.0.6-1.1.el6.x86_64
libxklavier-4.0-9.el6.x86_64
libxml2-2.7.6-8.el6_3.3.x86_64
libxml2-python-2.7.6-8.el6_3.3.x86_64
libXmu-1.0.5-1.el6.x86_64
libXpm-3.5.8-2.el6.x86_64
libXrandr-1.3.0-4.el6.x86_64
libXrender-0.9.5-1.el6.x86_64
libXres-1.0.4-1.el6.x86_64
libXScrnSaver-1.2.0-1.el6.x86_64
libxslt-1.1.26-2.el6_3.1.x86_64
libXt-1.0.7-1.el6.x86_64
libXtst-1.0.99.2-3.el6.x86_64
libXv-1.0.5-1.el6.x86_64
libXvMC-1.0.4-8.1.el6.x86_64
libXxf86dga-1.1.1-1.el6.x86_64
libXxf86misc-1.0.2-1.el6.x86_64
libXxf86vm-1.1.0-1.el6.x86_64
lklug-fonts-0.6-4.20090803cvs.el6.noarch
lm_sensors-libs-3.1.1-10.el6.x86_64
logrotate-3.7.8-15.el6.x86_64
lohit-assamese-fonts-2.4.3-5.el6.noarch
lohit-bengali-fonts-2.4.3-6.el6.noarch
lohit-devanagari-fonts-2.4.3-7.el6.noarch
lohit-gujarati-fonts-2.4.4-4.el6.noarch
lohit-kannada-fonts-2.4.5-6.el6.noarch
lohit-oriya-fonts-2.4.3-6.el6.noarch
lohit-punjabi-fonts-2.4.4-2.el6.noarch
lohit-tamil-fonts-2.4.5-5.el6.noarch
lohit-telugu-fonts-2.4.5-5.el6.noarch
lsof-4.82-4.el6.x86_64
ltrace-0.5-23.45svn.el6.x86_64
lua-5.1.4-4.1.el6.x86_64
lvm2-2.02.95-10.el6.x86_64
lvm2-libs-2.02.95-10.el6.x86_64
m17n-contrib-1.1.10-4.el6_1.1.noarch
m17n-contrib-assamese-1.1.10-4.el6_1.1.noarch
m17n-contrib-bengali-1.1.10-4.el6_1.1.noarch
m17n-contrib-gujarati-1.1.10-4.el6_1.1.noarch
m17n-contrib-hindi-1.1.10-4.el6_1.1.noarch
m17n-contrib-kannada-1.1.10-4.el6_1.1.noarch
m17n-contrib-maithili-1.1.10-4.el6_1.1.noarch
m17n-contrib-malayalam-1.1.10-4.el6_1.1.noarch
m17n-contrib-marathi-1.1.10-4.el6_1.1.noarch
m17n-contrib-oriya-1.1.10-4.el6_1.1.noarch
m17n-contrib-punjabi-1.1.10-4.el6_1.1.noarch
m17n-contrib-sinhala-1.1.10-4.el6_1.1.noarch
m17n-contrib-tamil-1.1.10-4.el6_1.1.noarch
m17n-contrib-telugu-1.1.10-4.el6_1.1.noarch
m17n-contrib-urdu-1.1.10-4.el6_1.1.noarch
m17n-db-1.5.5-1.1.el6.noarch
m17n-db-assamese-1.5.5-1.1.el6.noarch
m17n-db-bengali-1.5.5-1.1.el6.noarch
m17n-db-gujarati-1.5.5-1.1.el6.noarch
m17n-db-hindi-1.5.5-1.1.el6.noarch
m17n-db-kannada-1.5.5-1.1.el6.noarch
m17n-db-malayalam-1.5.5-1.1.el6.noarch
m17n-db-oriya-1.5.5-1.1.el6.noarch
m17n-db-punjabi-1.5.5-1.1.el6.noarch
m17n-db-sinhala-1.5.5-1.1.el6.noarch
m17n-db-tamil-1.5.5-1.1.el6.noarch
m17n-db-telugu-1.5.5-1.1.el6.noarch
m17n-db-thai-1.5.5-1.1.el6.noarch
m17n-lib-1.5.5-2.el6_1.1.x86_64
m4-1.4.13-5.el6.x86_64
madan-fonts-2.000-3.el6.noarch
mailcap-2.1.31-2.el6.noarch
mailx-12.4-6.el6.x86_64
make-3.81-20.el6.x86_64
MAKEDEV-3.24-6.el6.x86_64
man-1.6f-30.el6.x86_64
man-pages-3.22-17.el6.noarch
man-pages-overrides-6.3.3-1.el6.noarch
matahari-0.6.0-14.el6.x86_64
matahari-agent-lib-0.6.0-14.el6.x86_64
matahari-broker-0.6.0-14.el6.x86_64
matahari-consoles-0.6.0-14.el6.x86_64
matahari-core-0.6.0-14.el6.x86_64
matahari-host-0.6.0-14.el6.x86_64
matahari-lib-0.6.0-14.el6.x86_64
matahari-network-0.6.0-14.el6.x86_64
matahari-python-0.6.0-14.el6.x86_64
matahari-rpc-0.6.0-14.el6.x86_64
matahari-service-0.6.0-14.el6.x86_64
matahari-sysconfig-0.6.0-14.el6.x86_64
mcpp-2.7.2-4.1.el6.x86_64
mdadm-3.2.3-9.el6.x86_64
mesa-dri-drivers-7.11-5.el6.x86_64
mesa-libGL-7.11-5.el6.x86_64
mesa-libGLU-7.11-5.el6.x86_64
metacity-2.28.0-23.el6.x86_64
microcode_ctl-1.17-11.el6.x86_64
mingetty-1.08-5.el6.x86_64
mlocate-0.22.2-3.el6.x86_64
mobile-broadband-provider-info-1.20100122-1.el6.noarch
ModemManager-0.4.0-3.git20100628.el6.x86_64
mod_nss-1.0.8-15.el6.x86_64
mod_perl-2.0.4-10.el6.x86_64
mod_ssl-2.2.15-15.el6.centos.1.x86_64
module-init-tools-3.9-20.el6.x86_64
mod_wsgi-3.2-1.el6.x86_64
mozilla-filesystem-1.9-5.1.el6.x86_64
mpfr-2.4.1-6.el6.x86_64
mtools-4.0.12-1.el6.x86_64
mtr-0.75-5.el6.x86_64
mysql-libs-5.1.61-4.el6.x86_64
nano-2.0.9-7.el6.x86_64
nautilus-2.28.4-19.el6.x86_64
nautilus-extensions-2.28.4-19.el6.x86_64
nautilus-open-terminal-0.17-4.el6.x86_64
nc-1.84-22.el6.x86_64
ncurses-5.7-3.20090208.el6.x86_64
ncurses-base-5.7-3.20090208.el6.x86_64
ncurses-libs-5.7-3.20090208.el6.x86_64
net-snmp-libs-5.5-41.el6_3.1.x86_64
net-tools-1.60-110.el6_2.x86_64
NetworkManager-0.8.1-33.el6.x86_64
NetworkManager-glib-0.8.1-33.el6.x86_64
NetworkManager-gnome-0.8.1-33.el6.x86_64
newt-0.52.11-3.el6.x86_64
newt-python-0.52.11-3.el6.x86_64
nfs4-acl-tools-0.3.3-6.el6.x86_64
nfs-utils-1.2.3-26.el6.x86_64
nfs-utils-lib-1.1.5-4.el6.x86_64
nmap-5.51.6-1.el6.rfx.x86_64
notification-daemon-0.5.0-1.el6.x86_64
notify-python-0.1.1-10.el6.x86_64
nspluginwrapper-1.3.0-14.el6.x86_64
nspr-4.9.1-2.el6_3.x86_64
nss-3.13.5-1.el6_3.x86_64
nss-softokn-3.12.9-11.el6.x86_64
nss-softokn-freebl-3.12.9-11.el6.x86_64
nss-sysinit-3.13.5-1.el6_3.x86_64
nss-tools-3.13.5-1.el6_3.x86_64
nss-util-3.13.5-1.el6_3.x86_64
ntp-4.2.4p8-2.el6.centos.x86_64
ntpdate-4.2.4p8-2.el6.centos.x86_64
ntsysv-1.3.49.3-2.el6.x86_64
numpy-1.4.1-9.el6.x86_64
oddjob-0.30-5.el6.x86_64
oddjob-mkhomedir-0.30-5.el6.x86_64
openjpeg-libs-1.3-9.el6_3.x86_64
openldap-2.4.23-26.el6_3.2.x86_64
openldap-clients-2.4.23-26.el6_3.2.x86_64
openldap-servers-2.4.23-26.el6_3.2.x86_64
openssh-5.3p1-81.el6.x86_64
openssh-askpass-5.3p1-81.el6.x86_64
openssh-clients-5.3p1-81.el6.x86_64
openssh-server-5.3p1-81.el6.x86_64
openssl-1.0.0-25.el6_3.1.x86_64
openswan-2.6.32-19.el6_3.x86_64
oprofile-0.9.7-1.el6.x86_64
ORBit2-2.14.17-3.1.el6.x86_64
orca-2.28.2-1.el6.x86_64
PackageKit-0.5.8-20.el6.x86_64
PackageKit-device-rebind-0.5.8-20.el6.x86_64
PackageKit-glib-0.5.8-20.el6.x86_64
PackageKit-gtk-module-0.5.8-20.el6.x86_64
PackageKit-yum-0.5.8-20.el6.x86_64
PackageKit-yum-plugin-0.5.8-20.el6.x86_64
paktype-fonts-common-2.0-8.el6.noarch
paktype-naqsh-fonts-2.0-8.el6.noarch
paktype-tehreer-fonts-2.0-8.el6.noarch
pam-1.1.1-10.el6_2.1.x86_64
pam_krb5-2.3.11-9.el6.x86_64
pam_ldap-185-11.el6.x86_64
pam_passwdqc-1.0.5-6.el6.x86_64
pango-1.28.1-3.el6_0.5.1.centos.x86_64
parted-2.1-18.el6.x86_64
passwd-0.77-4.el6_2.2.x86_64
patch-2.6-6.el6.x86_64
pax-3.4-10.1.el6.x86_64
pciutils-3.1.4-11.el6.x86_64
pciutils-libs-3.1.4-11.el6.x86_64
pcmciautils-015-4.2.el6.x86_64
pcre-7.8-4.el6.x86_64
perf-2.6.32-279.9.1.el6.x86_64
perl-5.10.1-127.el6.x86_64
perl-BSD-Resource-1.29.03-3.el6.x86_64
perl-CGI-3.51-127.el6.x86_64
perl-devel-5.10.1-127.el6.x86_64
perl-ExtUtils-MakeMaker-6.55-127.el6.x86_64
perl-ExtUtils-ParseXS-2.2003.0-127.el6.x86_64
perl-libs-5.10.1-127.el6.x86_64
perl-Module-Pluggable-3.90-127.el6.x86_64
perl-Mozilla-LDAP-1.5.3-4.el6.x86_64
perl-Newt-1.08-26.el6.x86_64
perl-Pod-Escapes-1.04-127.el6.x86_64
perl-Pod-Simple-3.13-127.el6.x86_64
perl-Test-Harness-3.17-127.el6.x86_64
perl-Test-Simple-0.92-127.el6.x86_64
perl-version-0.77-127.el6.x86_64
phonon-backend-gstreamer-4.6.2-24.el6.x86_64
pinentry-0.7.6-6.el6.x86_64
pinfo-0.6.9-12.el6.x86_64
pixman-0.18.4-1.el6_0.1.x86_64
pkgconfig-0.23-9.1.el6.x86_64
plymouth-0.8.3-24.el6.centos.x86_64
plymouth-core-libs-0.8.3-24.el6.centos.x86_64
plymouth-gdm-hooks-0.8.3-24.el6.centos.x86_64
plymouth-graphics-libs-0.8.3-24.el6.centos.x86_64
plymouth-plugin-label-0.8.3-24.el6.centos.x86_64
plymouth-plugin-two-step-0.8.3-24.el6.centos.x86_64
plymouth-scripts-0.8.3-24.el6.centos.x86_64
plymouth-system-theme-0.8.3-24.el6.centos.noarch
plymouth-theme-rings-0.8.3-24.el6.centos.noarch
plymouth-utils-0.8.3-24.el6.centos.x86_64
pm-utils-1.2.5-9.el6.x86_64
policycoreutils-2.0.83-19.24.el6.x86_64
policycoreutils-python-2.0.83-19.24.el6.x86_64
polkit-0.96-2.el6_0.1.x86_64
polkit-desktop-policy-0.96-2.el6_0.1.noarch
polkit-gnome-0.96-3.el6.x86_64
poppler-0.12.4-3.el6_0.1.x86_64
poppler-data-0.4.0-1.el6.noarch
poppler-utils-0.12.4-3.el6_0.1.x86_64
popt-1.13-7.el6.x86_64
portreserve-0.0.4-9.el6.x86_64
postfix-2.6.6-2.2.el6_1.x86_64
powertop-1.11-6.el6.x86_64
ppl-0.10.2-11.el6.x86_64
ppp-2.4.5-5.el6.x86_64
prelink-0.4.6-3.el6.x86_64
procps-3.2.8-23.el6.x86_64
psacct-6.3.2-63.el6_3.3.x86_64
psmisc-22.6-15.el6_0.1.x86_64
pth-2.0.7-9.3.el6.x86_64
pulseaudio-0.9.21-14.el6_3.x86_64
pulseaudio-gdm-hooks-0.9.21-14.el6_3.x86_64
pulseaudio-libs-0.9.21-14.el6_3.x86_64
pulseaudio-libs-glib2-0.9.21-14.el6_3.x86_64
pulseaudio-module-gconf-0.9.21-14.el6_3.x86_64
pulseaudio-module-x11-0.9.21-14.el6_3.x86_64
pulseaudio-utils-0.9.21-14.el6_3.x86_64
pycairo-1.8.6-2.1.el6.x86_64
pygobject2-2.20.0-5.el6.x86_64
pygpgme-0.1-18.20090824bzr68.el6.x86_64
pygtk2-2.16.0-3.el6.x86_64
pygtk2-libglade-2.16.0-3.el6.x86_64
pyOpenSSL-0.10-2.el6.x86_64
pyorbit-2.24.0-5.el6.x86_64
python-2.6.6-29.el6_3.3.x86_64
python-crypto-2.0.1-22.el6.x86_64
python-dateutil-1.4.1-6.el6.noarch
python-decorator-3.0.1-3.1.el6.noarch
python-ethtool-0.6-1.el6.x86_64
python-iniparse-0.3.1-2.1.el6.noarch
python-iwlib-0.1-1.2.el6.x86_64
python-kerberos-1.1-6.2.el6.x86_64
python-krbV-1.0.90-3.el6.x86_64
python-ldap-2.3.10-1.el6.x86_64
python-libs-2.6.6-29.el6_3.3.x86_64
python-lxml-2.2.3-1.1.el6.x86_64
python-matplotlib-0.99.1.2-1.el6.x86_64
python-meh-0.12.1-3.el6.noarch
python-netaddr-0.7.5-4.el6.noarch
python-nose-0.10.4-3.1.el6.noarch
python-nss-0.11-3.el6.x86_64
python-paramiko-1.7.5-2.1.el6.noarch
python-pycurl-7.19.0-8.el6.x86_64
python-qpid-0.14-11.el6_3.noarch
python-qpid-qmf-0.14-14.el6_3.x86_64
python-saslwrapper-0.14-1.el6.x86_64
python-setuptools-0.6.10-3.el6.noarch
python-slip-0.2.20-1.el6_2.noarch
python-slip-dbus-0.2.20-1.el6_2.noarch
python-urlgrabber-3.9.1-8.el6.noarch
pytz-2010h-2.el6.noarch
pyxdg-0.18-1.el6.noarch
pyxf86config-0.3.37-7.1.el6.x86_64
ql2100-firmware-1.19.38-3.1.el6.noarch
ql2200-firmware-2.02.08-3.1.el6.noarch
ql23xx-firmware-3.03.27-3.1.el6.noarch
ql2400-firmware-5.06.05-1.el6.noarch
ql2500-firmware-5.06.05-1.el6.noarch
qpid-cpp-client-0.14-22.el6_3.x86_64
qpid-cpp-client-ssl-0.14-22.el6_3.x86_64
qpid-cpp-server-0.14-22.el6_3.x86_64
qpid-cpp-server-ssl-0.14-22.el6_3.x86_64
qpid-qmf-0.14-14.el6_3.x86_64
qpid-tools-0.14-6.el6_3.noarch
qt3-3.3.8b-30.el6.x86_64
qt-4.6.2-24.el6.x86_64
qt-sqlite-4.6.2-24.el6.x86_64
qt-x11-4.6.2-24.el6.x86_64
quota-3.17-16.el6.x86_64
rarian-0.8.1-5.1.el6.x86_64
rarian-compat-0.8.1-5.1.el6.x86_64
rdate-1.4-16.el6.x86_64
readahead-1.5.6-1.el6.x86_64
readline-6.0-4.el6.x86_64
redhat-bookmarks-6-1.el6.centos.noarch
redhat-logos-60.0.14-12.el6.centos.noarch
redhat-lsb-4.0-3.el6.centos.x86_64
redhat-lsb-graphics-4.0-3.el6.centos.x86_64
redhat-lsb-printing-4.0-3.el6.centos.x86_64
redhat-menus-14.0.0-3.el6.noarch
rfkill-0.3-4.el6.x86_64
rhino-1.7-0.7.r2.2.el6.noarch
rng-tools-2-13.el6_2.x86_64
rootfiles-8.1-6.1.el6.noarch
rpcbind-0.2.0-9.el6.x86_64
rpm-4.8.0-27.el6.x86_64
rpm-libs-4.8.0-27.el6.x86_64
rpm-python-4.8.0-27.el6.x86_64
rsync-3.0.6-9.el6.x86_64
rsyslog-5.8.10-2.el6.x86_64
rt61pci-firmware-1.2-7.el6.noarch
rt73usb-firmware-1.8-7.el6.noarch
rtkit-0.5-1.el6.x86_64
samba3-client-3.6.6-44.el6.x86_64
samba3-winbind-3.6.6-44.el6.x86_64
saslwrapper-0.14-1.el6.x86_64
SDL-1.2.14-3.el6.x86_64
sed-4.2.1-10.el6.x86_64
seekwatcher-0.12-5.el6.noarch
selinux-policy-3.7.19-155.el6_3.4.noarch
selinux-policy-targeted-3.7.19-155.el6_3.4.noarch
setools-libs-3.3.7-4.el6.x86_64
setools-libs-python-3.3.7-4.el6.x86_64
setroubleshoot-3.0.47-3.el6_3.x86_64
setroubleshoot-plugins-3.0.40-1.el6.noarch
setroubleshoot-server-3.0.47-3.el6_3.x86_64
setserial-2.17-25.el6.x86_64
setup-2.8.14-16.el6.noarch
setuptool-1.19.9-3.el6.x86_64
sg3_utils-libs-1.28-4.el6.x86_64
sgml-common-0.6.3-32.el6.noarch
sgpio-1.2.0.10-5.el6.x86_64
shadow-utils-4.1.4.2-13.el6.x86_64
shared-mime-info-0.70-4.el6.x86_64
sigar-1.6.5-0.4.git58097d9.el6.x86_64
sil-padauk-fonts-2.6.1-1.el6.noarch
sinjdoc-0.5-9.1.el6.x86_64
slang-2.2.1-1.el6.x86_64
smartmontools-5.42-2.el6.x86_64
smc-fonts-common-04.2-11.el6.noarch
smc-meera-fonts-04.2-11.el6.noarch
smp_utils-0.94-4.el6.x86_64
sos-2.2-29.el6.noarch
sound-theme-freedesktop-0.7-3.el6.noarch
speex-1.2-0.12.rc1.1.el6.x86_64
spice-vdagent-0.8.1-3.el6.x86_64
sqlite-3.6.20-1.el6.x86_64
sssd-1.8.0-32.el6.x86_64
sssd-client-1.8.0-32.el6.x86_64
startup-notification-0.10-2.1.el6.x86_64
stix-fonts-0.9-13.1.el6.noarch
strace-4.5.19-1.11.el6_2.1.x86_64
sudo-1.7.4p5-13.el6_3.x86_64
svrcore-4.0.4-5.1.el6.x86_64
sysstat-9.0.4-20.el6.x86_64
system-config-date-1.9.60-1.el6.centos.noarch
system-config-date-docs-1.0.11-1.el6.noarch
system-config-firewall-base-1.2.27-5.el6.noarch
system-config-firewall-tui-1.2.27-5.el6.noarch
system-config-keyboard-1.3.1-4.el6.x86_64
system-config-keyboard-base-1.3.1-4.el6.x86_64
system-config-network-tui-1.6.0.el6.2-1.el6.noarch
system-config-users-1.2.106-5.el6.noarch
system-config-users-docs-1.0.8-1.el6.noarch
system-gnome-theme-60.0.2-1.el6.noarch
system-icon-theme-6.0.0-2.el6.noarch
system-setup-keyboard-0.7-4.el6.x86_64
systemtap-runtime-1.7-5.el6.x86_64
sysvinit-tools-2.87-4.dsf.el6.x86_64
taglib-1.6.1-1.1.el6.x86_64
tar-1.23-7.el6.x86_64
tcpdump-4.0.0-3.20090921gitdf3cb4.2.el6.x86_64
tcp_wrappers-7.6-57.el6.x86_64
tcp_wrappers-libs-7.6-57.el6.x86_64
tcsh-6.17-19.el6_2.x86_64
thai-scalable-fonts-common-0.4.12-2.1.el6.noarch
thai-scalable-waree-fonts-0.4.12-2.1.el6.noarch
theora-tools-1.1.0-2.el6.x86_64
tibetan-machine-uni-fonts-1.901-5.el6.noarch
time-1.7-37.1.el6.x86_64
tmpwatch-2.9.16-4.el6.x86_64
totem-mozplugin-2.28.6-2.el6.x86_64
totem-pl-parser-2.28.3-1.el6.x86_64
trace-cmd-1.0.5-7.el6.x86_64
traceroute-2.0.14-2.el6.x86_64
ttmkfdir-3.0.9-32.1.el6.x86_64
tuned-0.2.19-7.el6.noarch
tzdata-2012c-3.el6.noarch
tzdata-java-2012c-3.el6.noarch
udev-147-2.42.el6.x86_64
udisks-1.0.1-4.el6.x86_64
un-core-dotum-fonts-1.0.2-0.15.080608.el6.noarch
un-core-fonts-common-1.0.2-0.15.080608.el6.noarch
unique-1.1.4-2.el6.x86_64
unzip-6.0-1.el6.x86_64
upstart-0.6.5-12.el6.x86_64
urw-fonts-2.4-10.el6.noarch
usbutils-003-4.el6.x86_64
usermode-1.102-3.el6.x86_64
usermode-gtk-1.102-3.el6.x86_64
ustr-1.0.4-9.1.el6.x86_64
util-linux-ng-2.17.2-12.7.el6.x86_64
valgrind-3.6.0-5.el6.x86_64
vconfig-1.9-8.1.el6.x86_64
vim-common-7.2.411-1.8.el6.x86_64
vim-enhanced-7.2.411-1.8.el6.x86_64
vim-minimal-7.2.411-1.8.el6.x86_64
vino-2.28.1-3.el6.x86_64
virt-what-1.11-1.1.el6.x86_64
vlgothic-fonts-20091202-2.el6.noarch
vlgothic-fonts-common-20091202-2.el6.noarch
vte-0.25.1-7.el6.x86_64
wacomexpresskeys-0.4.2-3.el6.x86_64
wavpack-4.60-1.1.el6.x86_64
wdaemon-0.17-2.el6.x86_64
webalizer-2.21_02-3.3.el6.x86_64
wget-1.12-1.4.el6.x86_64
which-2.19-6.el6.x86_64
wireless-tools-29-5.1.1.el6.x86_64
words-3.0-17.el6.noarch
wpa_supplicant-0.7.3-3.el6.x86_64
wqy-zenhei-fonts-0.9.45-3.el6.noarch
xcb-util-0.3.6-1.el6.x86_64
xdg-user-dirs-0.12-4.el6.x86_64
xdg-user-dirs-gtk-0.8-7.el6.x86_64
xdg-utils-1.0.2-17.20091016cvs.el6.noarch
xkeyboard-config-2.3-1.el6.noarch
xml-common-0.6.3-32.el6.noarch
xmlrpc-c-1.16.24-1209.1840.el6.x86_64
xmlrpc-c-client-1.16.24-1209.1840.el6.x86_64
xorg-x11-drivers-7.3-13.3.el6.x86_64
xorg-x11-drv-acecad-1.5.0-3.el6.x86_64
xorg-x11-drv-aiptek-1.4.1-2.el6.x86_64
xorg-x11-drv-apm-1.2.3-2.el6.x86_64
xorg-x11-drv-ast-0.91.10-1.el6.x86_64
xorg-x11-drv-ati-6.14.2-9.el6.x86_64
xorg-x11-drv-ati-firmware-6.14.2-9.el6.noarch
xorg-x11-drv-cirrus-1.3.2-2.el6.x86_64
xorg-x11-drv-dummy-0.3.4-1.el6.x86_64
xorg-x11-drv-elographics-1.3.0-2.el6.x86_64
xorg-x11-drv-evdev-2.6.0-2.el6.x86_64
xorg-x11-drv-fbdev-0.4.2-2.el6.x86_64
xorg-x11-drv-fpit-1.4.0-2.el6.x86_64
xorg-x11-drv-glint-1.2.5-1.el6.x86_64
xorg-x11-drv-hyperpen-1.4.1-2.el6.x86_64
xorg-x11-drv-i128-1.3.4-1.el6.x86_64
xorg-x11-drv-i740-1.3.2-2.el6.x86_64
xorg-x11-drv-intel-2.16.0-4.el6.x86_64
xorg-x11-drv-keyboard-1.6.0-1.el6.x86_64
xorg-x11-drv-mach64-6.9.0-1.el6.x86_64
xorg-x11-drv-mga-1.4.13-7.el6.x86_64
xorg-x11-drv-mouse-1.7.0-4.el6.x86_64
xorg-x11-drv-mutouch-1.3.0-2.el6.x86_64
xorg-x11-drv-nouveau-0.0.16-13.20110719gitde9d1ba.el6.x86_64
xorg-x11-drv-nv-2.1.18-2.el6.x86_64
xorg-x11-drv-openchrome-0.2.904-4.el6.x86_64
xorg-x11-drv-penmount-1.5.0-2.el6.x86_64
xorg-x11-drv-qxl-0.0.14-13.el6_2.x86_64
xorg-x11-drv-r128-6.8.1-3.el6.x86_64
xorg-x11-drv-rendition-4.2.4-1.el6.x86_64
xorg-x11-drv-s3virge-1.10.4-2.el6.x86_64
xorg-x11-drv-savage-2.3.2-1.el6.x86_64
xorg-x11-drv-siliconmotion-1.7.5-1.el6.x86_64
xorg-x11-drv-sis-0.10.3-1.el6.x86_64
xorg-x11-drv-sisusb-0.9.4-1.el6.x86_64
xorg-x11-drv-synaptics-1.4.1-3.el6.x86_64
xorg-x11-drv-tdfx-1.4.3-2.el6.x86_64
xorg-x11-drv-trident-1.3.4-1.el6.x86_64
xorg-x11-drv-v4l-0.2.0-4.el6.x86_64
xorg-x11-drv-vesa-2.3.0-2.el6.x86_64
xorg-x11-drv-vmmouse-12.7.0-1.el6.x86_64
xorg-x11-drv-vmware-11.0.3-1.el6.x86_64
xorg-x11-drv-void-1.4.0-1.el6.x86_64
xorg-x11-drv-voodoo-1.2.4-1.el6.x86_64
xorg-x11-drv-wacom-0.13.0-6.el6.x86_64
xorg-x11-drv-xgi-1.6.0-11.el6.x86_64
xorg-x11-fonts-100dpi-7.2-9.1.el6.noarch
xorg-x11-fonts-ISO8859-1-100dpi-7.2-9.1.el6.noarch
xorg-x11-fonts-misc-7.2-9.1.el6.noarch
xorg-x11-fonts-Type1-7.2-9.1.el6.noarch
xorg-x11-font-utils-7.2-11.el6.x86_64
xorg-x11-server-common-1.10.6-1.el6.centos.x86_64
xorg-x11-server-utils-7.5-5.2.el6.x86_64
xorg-x11-server-Xorg-1.10.6-1.el6.centos.x86_64
xorg-x11-utils-7.4-8.el6.x86_64
xorg-x11-xauth-1.0.2-7.1.el6.x86_64
xorg-x11-xinit-1.0.9-13.el6.x86_64
xorg-x11-xkb-utils-7.4-6.el6.x86_64
xulrunner-10.0.7-1.el6.centos.x86_64
xvattr-1.3-18.el6.x86_64
xz-4.999.9-0.3.beta.20091007git.el6.x86_64
xz-libs-4.999.9-0.3.beta.20091007git.el6.x86_64
xz-lzma-compat-4.999.9-0.3.beta.20091007git.el6.x86_64
yelp-2.28.1-13.el6_2.x86_64
ypbind-1.20.4-29.el6.x86_64
yp-tools-2.9-12.el6.x86_64
yum-3.2.29-30.el6.centos.noarch
yum-metadata-parser-1.1.2-16.el6.x86_64
yum-plugin-fastestmirror-1.1.30-14.el6.noarch
yum-plugin-security-1.1.30-14.el6.noarch
yum-utils-1.1.30-14.el6.noarch
zd1211-firmware-1.4-4.el6.noarch
zenity-2.28.0-1.el6.x86_64
zip-3.0-1.el6.x86_64
zlib-1.2.3-27.el6.x86_64
 
it spun at 100% just because the configuration of TLS. if you comment the three lines:
Code: 
#olcTLSCACertificateFile: /etc/pki/tls/cert.pem
#olcTLSCertificateFile: /etc/pki/tls/certs/qinguan_cert.pem
#olcTLSCertificateKeyFile: /etc/pki/tls/certs/qinguan_key.pem
and restart the slapd, the CPU usage will return normal. So there are still some problems on the TLS configuration with CentOS 6.3.
 
I followed this Howto:
http://wiki.openiam.com/pages/viewpage.action?pageId=7635198 and managed it working Once on a x86_64 machine, but I could't reproduce the result again, strangely.
And now on an i686 machine, a problem puzzled me two days. :confused:
Code: 
TLS: error: connect - force handshake failure: errno 0 - moznss error -5938
TLS: can't connect: TLS error -5938:Encountered end of file.
ldap_err2string
ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1)
 
I managed it working on a x86_64 manchine,CentOS6.3. The certification is very important. we can check it with command "openssl s_client -connect localhost:636 -showcerts".
 
I stumbled across this while looking for some current instructions on how to get openldap going on RHEL6.x derivatives and thought I would give back with what worked for me.

SSL appears to be pre-packaged as of 2.3.43-25.el5_8.1 You can literally skip all of the SSL steps now, creating self signed certs, adding the 3 lines into the config etc

#olcTLSCACertificateFile: /etc/pki/tls/cert.pem
#olcTLSCertificateFile: /etc/pki/tls/certs/qinguan_cert.pem
#olcTLSCertificateKeyFile: /etc/pki/tls/certs/qinguan_key.pem


Also one update was needed to base.ldif. As-is it did not work for me. The dc: line needs to be removed so it looks like this:

dn: dc=abc123,dc=com
objectClass: top
objectClass: domain

dn: ou=People,dc=abc123,dc=com
ou: People
objectClass: top
objectClass: organizationalUnit

dn: ou=Group,dc=abc123,dc=com
ou: Group
objectClass: top
objectClass: organizationalUnit


Thanks to the OP for taking the time to put this doc together!
 
deeno said:
I stumbled across this while looking for some current instructions on how to get openldap going on RHEL6.x derivatives and thought I would give back with what worked for me.

SSL appears to be pre-packaged as of 2.3.43-25.el5_8.1 You can literally skip all of the SSL steps now, creating self signed certs, adding the 3 lines into the config etc

#olcTLSCACertificateFile: /etc/pki/tls/cert.pem
#olcTLSCertificateFile: /etc/pki/tls/certs/qinguan_cert.pem
#olcTLSCertificateKeyFile: /etc/pki/tls/certs/qinguan_key.pem


Also one update was needed to base.ldif. As-is it did not work for me. The dc: line needs to be removed so it looks like this:

dn: dc=abc123,dc=com
objectClass: top
objectClass: domain

dn: ou=People,dc=abc123,dc=com
ou: People
objectClass: top
objectClass: organizationalUnit

dn: ou=Group,dc=abc123,dc=com
ou: Group
objectClass: top
objectClass: organizationalUnit


Thanks to the OP for taking the time to put this doc together!
Click to expand...

This still doesn't work for me. I ran through stratus_ss's guide completely again from scratch and skipped all the SSL/TLS parts.
I can query the LDAP database using ldapsearch on port 389 but on 636 the command still hangs:
Code: 
# ldapsearch -x -H "ldaps://ldap.example.com" -d 1
ldap_url_parse_ext(ldaps://ldap.example.com)
ldap_create
ldap_url_parse_ext(ldaps://ldap.example.com:636/??base)
ldap_sasl_bind
ldap_send_initial_request
ldap_new_connection 1 1 0
ldap_int_open_connection
ldap_connect_to_host: TCP ldap.example.com:636
ldap_new_socket: 3
ldap_prepare_socket: 3
ldap_connect_to_host: Trying 192.168.56.8:636
ldap_pvt_connect: fd: 3 tm: -1 async: 0
TLS: using moznss security dir /etc/openldap/certs prefix .
^C

Here are all of my config files mentioned in stratus's guide:
/etc/openldap/slapd.d/cn=config/olcDatabase={2}bdb.ldif:
  • Changed the domain to example.com
  • added olcRootPW line

In /etc/openldap/slapd.d/cn=config/olcDatabase={1}monitor.ldif I only changed the domain to example.com

/etc/sysconfig/ldap:

Code: 
# Options of slapd (see man slapd)
#SLAPD_OPTIONS=

# At least one of SLAPD_LDAP, SLAPD_LDAPI and SLAPD_LDAPS must be set to 'yes'!
#
# Run slapd with -h "... ldap:/// ..."
#   yes/no, default: yes
SLAPD_LDAP=yes

# Run slapd with -h "... ldapi:/// ..."
#   yes/no, default: yes
SLAPD_LDAPI=yes

# Run slapd with -h "... ldaps:/// ..."
#   yes/no, default: no
SLAPD_LDAPS=yes

# Run slapd with -h "... $SLAPD_URLS ..."
# This option could be used instead of previous three ones, but:
# - it doesn't overwrite settings of $SLAPD_LDAP, $SLAPD_LDAPS and $SLAPD_LDAPI options
# - it isn't overwritten by settings of $SLAPD_LDAP, $SLAPD_LDAPS and $SLAPD_LDAPI options
# example: SLAPD_URLS="ldapi:///var/lib/ldap_root/ldapi ldapi:/// ldaps:///"
# default: empty
#SLAPD_URLS=""

# Maximum allowed time to wait for slapd shutdown on 'service ldap stop' (in seconds)
#SLAPD_SHUTDOWN_TIMEOUT=3

# Parameters to ulimit, use to change system limits for slapd
#SLAPD_ULIMIT_SETTINGS=""

/etc/openldap/ldap.conf:

Code: 
TLS_CACERTDIR   /etc/openldap/certs
URI ldap://ldap.example.com
BASE dc=example,dc=com

In the base.ldif I removed the dc line like you said.

And that's about it. Like I said, I can query the ldap database over ldap but it hangs on ldaps.

On my client Virtual Machine, I installed ldap-clients and did the configuration with authconfig-gtk. Furthermore, I also skipped the SSL parts on the client and only did the non-SSL parts in the config files. My client VM can't even connect to the LDAP server on port 389, giving me the error "Can't contact LDAP server (-1)".

This thing is driving me crazy....
 
Yes it driving me too but for me I was able to establish ssl connection between the server and the client but can query the server, I'm gonna tear my hair :O(
 
Tried to connect my client CentOS desktop with my LDAP server over telnet on port 389, because my client is unable to establish an LDAP connection to the LDAP server using the ldapsearch command. Telnet tells me there is no route to the host... Wait whut?..
route -n tells me the gateway to my Virtualbox Host-Only LAN is 0.0.0.0 which is 127.0.0.1 when I ping it. Sounds like a gateway of last resort. How the heck is it even possible then that I am actually able to ping my other guest VM's? Somehow Virtualbox is acting up too...
 
i found, by tracing the slapd process that in 6.3 ldaps spins the cpu at 100 percent. it goes into an infinite loop reading the cert file. i have not been able to solve this yet but i keep poking at it when i have time
 
You must log in or register to reply here.

Similar threads

Stratus_ss
HowTO: Setup an LDAP Server CentOS 6.3
2 3
Replies
43
Views
34K
Stratus_ss
Stratus_ss
Stratus_ss
CentOS, LDAP and Samba password sync?
Replies
3
Views
5K
Stratus_ss
Stratus_ss
J
OpenLDAP and ACLs
Replies
2
Views
876
Johnny5
J
Stratus_ss
HowTO: (389) Directory Server and Samba Integration
Replies
1
Views
8K
Stratus_ss
Stratus_ss
Stratus_ss
ldap client help? Ubuntu connects but no others
Replies
1
Views
1K
Stratus_ss
Stratus_ss
Back