Novell Home

My Favorites

Close

Please to see your favorites.

ldap_simple_bind failed: 13(Confidentiality required)

This document (7013372) is provided subject to the disclaimer at the end of this document.

Environment

eDirectory 8.8.7
Open Enterprise Server 11.1 (OES11 SP1)
Domain Services for Windows
DSfW

Situation

Bind error (13: Confidentiality required)
ldap_simple_bind failed: 13(Confidentiality required)
Configuring an application to bind to eDirectory over un-secure port 389 fails with "Bind error (13: Confidentiality required)"
Configuring an application to bind to Domain Services for Windows over un-secure port 389 fails with "Bind error (13: Confidentiality required)"
Configuring an application to bind to DSfW fails with "Bind error (13: Confidentiality required)"

Resolution

"Require TLS for Simple Binds with Password" is enabled and or "Require TLS for all operations" is enabled.  Disable both to allow un-secure binds.

To disable use iManager or ldapconfig

Using ldapconfig to view and to set disable "Require TLS for Simple Binds with Password"and "Require TLS for all operations".
To see the settings with ldapconfig do the following:
ldapconfig get |grep TLS

The above command should return something like this
ldapTLSVerifyClientCertificate: 0
ldapTLSRequired: yes
Require TLS for Simple Binds with Password: yes

Notice ldapTLSRquired: Yes and Require TLS for Simple Binds with Password: yes

To allow un-secure binds set both to no
ldapconfig set "ldapTLSRequired: no"
and 
ldapconfig set "Require TLS for Simple Binds with Password: no"


Using iMananager to set disable "Require TLS for Simple Binds with Password"and "Require TLS for all operations".
Modify the ldap group and server objects for the server in question using iManager
Here is one way to modify the ldap objects in iManager

Click on the LDAP role on the right side | LDAP Options | LDAP Group <ServerName> | un-check "Require TLS for Simple Binds with Password" | click apply
 
Click on the LDAP role on the right side | LDAP Options | LDAP Server <ServerName> | Connections sub tab under the General tab | un-check "Require TLS for all operations" | click apply | click refresh

Disclaimer

This Support Knowledgebase provides a valuable tool for NetIQ/Novell/SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.

  • Document ID:7013372
  • Creation Date:25-SEP-13
  • Modified Date:25-SEP-13
    • NovellOpen Enterprise Server
    • SUSESUSE Linux Enterprise Server
    • NetIQeDirectory

Did this document solve your problem? Provide Feedback