On 05.12.23 at 13:41, Stefan Kania wrote:
> Hi to all,
>
> I just started to use my own .ldaprc file in $HOME:
> -------------
> URI ldaps://provider01.example.net ldaps://provider02.example.net
> BASE dc=example,dc=net
> BINDDN uid=repl-user,ou=users,dc=example,dc=net
> TLS_REQCERT demand
> TLS_CACERT /opt/symas/etc/openldap/cacert.pem
> -------------
>
> All options are working except "BINDDN". If I use the same user with "-D" it
> works, so the user is present. I expected that ldapsearch will ask for a
> password when using "BINDDN" but ldapsearch is executing as anonymous.

Just a hunch: Are you actually running ldapsearch as a user (read: not root)? The man page for ldap.conf states:

"BINDDN <dn>: Specifies the default bind DN to use when performing ldap operations. The bind DN must be specified as a Distinguished Name in LDAP format. This is a user-only option."

> Did I miss something? If "yes" then what?
>
>
> Stefan
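
The "user-only" rule quoted from the man page, as an added example that is not part of the original thread: a small shell check that reports which BINDDN a set of config files would yield when the system-wide file's BINDDN is skipped. The function names, the sample files and the cn=system-default DN are constructed for illustration; the option name is matched case-insensitively as an assumption, and environment variables and "-D" are not modelled.

```shell
#!/bin/sh
# Illustration of the "user-only" rule from ldap.conf(5): BINDDN counts
# only when it comes from a per-user file, not from the system-wide one.

# binddn_in FILE: print the last BINDDN value set in FILE (nothing if none).
binddn_in() {
    [ -r "$1" ] || return 0
    awk 'toupper($1) == "BINDDN" { $1 = ""; sub(/^[ \t]+/, ""); v = $0 }
         END { if (v != "") print v }' "$1"
}

# effective_binddn SYSTEM_FILE USER_FILE...
# Prints the BINDDN taken from the user files (later files win) and warns
# on stderr when the system-wide file carries a BINDDN that is skipped.
effective_binddn() {
    sys=$1
    shift
    result=
    ignored=$(binddn_in "$sys")
    if [ -n "$ignored" ]; then
        echo "note: BINDDN in $sys is skipped (user-only option)" >&2
    fi
    for f in "$@"; do
        v=$(binddn_in "$f")
        if [ -n "$v" ]; then
            result=$v
        fi
    done
    printf '%s\n' "$result"
}

# Constructed sample files (hypothetical values, not from a real system).
tmp=$(mktemp -d)
printf 'BASE dc=example,dc=net\nBINDDN cn=system-default,dc=example,dc=net\n' \
    > "$tmp/ldap.conf"
printf 'BASE dc=example,dc=net\nBINDDN uid=repl-user,ou=users,dc=example,dc=net\n' \
    > "$tmp/.ldaprc"

effective_binddn "$tmp/ldap.conf" "$tmp/.ldaprc"
```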
