Re: Openldap and sssd: getting slapd to do TLS negotiation or getting sssd to NOT do TLS negotiation
What would you recommend as a replacement for SSSD? I am running it across Centos 6 and 7 clients without any issue using TLS.
Thanks,
Douglas Duckworth, MSc, LFCS HPC System Administrator Scientific Computing Unit Physiology and Biophysics Weill Cornell Medicine E: doug@med.cornell.edu O: 212-746-6305 F: 212-746-8690
On Thu, Sep 28, 2017 at 4:28 PM, Quanah Gibson-Mount quanah@symas.com wrote:
--On Thursday, September 28, 2017 2:18 PM -0700 Quanah Gibson-Mount quanah@symas.com wrote:
--On Thursday, September 28, 2017 4:41 PM -0400 Robert Heller heller@deepsoft.com wrote:
Will these spit out useful error messages? If I just get "TLS Negotiation failure" it is not going to be helpful.
However, you may have hit a known and unfixed bug in SSSD:
You may be better off using a better written piece of software.
--Quanah
--
Quanah Gibson-Mount Product Architect Symas Corporation Packaged, certified, and supported LDAP solutions powered by OpenLDAP: https://urldefense.proofpoint.com/v2/url?u=http- 3A__www.symas.com&d=DwICAg&c=lb62iw4YL4RFalcE2hQUQealT9- RXrryqt9KZX2qu2s&r=2Fzhh_78OGspKQpl_e-CbhH6xUjnRkaqPFUS2wTJ2cw&m= Ja4DjRR6Qj8_V_dfdMKRYjRAr1xpbNW8S-ZCeuu0wVU&s=dEVYmbtnrd3EzH7Xm1Pk8GYotr6_ kbuWkSoBh6UEV7I&e=
openldap-technical@openldap.org
-
Douglas Duckworth