0 beğenilme 0 beğenilmeme
1 görüntülenme
Ruby kategorisinde Bilge (154k puan) tarafından
Hata 1:
gems/ruby-2.7.0/gems/net-ldap-0.16.3/lib/net/ldap/connection.rb:72:in `open_connection': Connection reset by peer - SSL_connect (Net::LDAP::Error)

Hata 2:
certificate verify failed (unable to get local issuer certificate) (Net::LDAP::Error)

Hata 3:
SSL_connect returned=1 errno=0 state=error: certificate verify failed (unable to get local issuer certificate) (Net::LDAP::Error)
    

5 Cevaplar

0 beğenilme 0 beğenilmeme
Bilge (154k puan) tarafından
Active Directory üzerine add role and features üzerinden ssl kurulumunu yapınız.

1-  Turn On LDAP SSL on your Windows 2019 Active Directory

2- Sertifikanızı kontrol ediniz.

3- Linux tarafından şu komutla test edebilirsiniz

#openssl s_client -connect 10.0.z.z:636 -showcerts
0 beğenilme 0 beğenilmeme
Bilge (154k puan) tarafından
Can you check domain controller certificate on Active directory by following below steps
1. Click Start > Run > MMC > OK.
2. In the Console 1 window, click File > Add/Remove Snap-in > select Certificates > Add > select Computer Account > Next > Local Computer > Finish > OK.
3. Expand Certificates, expand Personal, click Certificates.

Check whether you have a certificate with Template as "Domain Controller". If this certificate is not present follow below steps to create domain controller certificate

1. Right-click Certificates, then click All Tasks > Request New Certificate.
2. In the Certificate Enrollment wizard, click Next.
3. Select Domain Controller, and click Enroll > Finish.

After this you can check active directory login on iDRAC
0 beğenilme 0 beğenilmeme
Bilge (154k puan) tarafından
Diğer,

Host adını sertifika ile uygun olacak şekilde yazınız. (IP değil hostname olmalıdır.)
0 beğenilme 0 beğenilmeme
Bilge (154k puan) tarafından
require 'rubygems'
require 'net/ldap'

# Uses the same settings as net/ldap
settings = {
    :host => 'aa.bb.com',
    :base => 'dc=aa,dc=com',
    :port => 636,
    # :encryption => :start_tls,
    encryption: {
        method: :simple_tls,
    },
    :auth => {
        :method => :simple,
        :username => 'aa\administrator',
        :password => "xxyyzz"
    }
}


ldap = Net::LDAP.new(settings)
puts ldap.get_operation_result
puts "Host: #{ldap.host}  Base: #{ldap.base}"

filter = Net::LDAP::Filter.eq("cn", "a*")
treebase = "DC=aa, DC=com"
puts ldap.get_operation_result
ldap.search(:base => treebase, :filter => filter) do |entry|
    puts "DN: #{entry.dn}"
    entry.each do |attribute, values|
        puts "   #{attribute}:"
        values.each do |value|
            puts "-  >#{value}"
        end
    end
end
0 beğenilme 0 beğenilmeme
Bilge (154k puan) tarafından

Alternatif;

require 'rubygems'
require 'net/ldap'
require_relative 'DConst'


ldap_args = {}
ldap_args[:host] = DConst::HOST_NAME
ldap_args[:base] = DConst::HOST_BASEDN
ldap_args[:encryption] = :simple_tls
ldap_args[:port] = 636

auth = {}
auth[:username] = DConst::USER_NAME
auth[:password] = DConst::USER_PASS
auth[:method] = :simple
ldap_args[:auth] = auth

ldap = Net::LDAP.new(ldap_args)
puts ldap.get_operation_result
puts ldap.host
puts ldap.base

filter = Net::LDAP::Filter.eq("cn", "a*")
treebase = "DC=#{DConst::HOST_BASEDN}, DC=com"
puts ldap.get_operation_result
ldap.search(:base => treebase, :filter => filter) do |entry|
  puts "DN: #{entry.dn}"
  entry.each do |attribute, values|
    puts "   #{attribute}:"
    values.each do |value|
      puts "-  >#{value}"
    end
  end
end
...