|
Bugzilla – Full Text Bug Listing |
| Summary: | yast2 ldap-client write ldaps:// uri to sssd.conf | ||
|---|---|---|---|
| Product: | [openSUSE] openSUSE 11.4 | Reporter: | Ralf Haferkamp <ralf> |
| Component: | YaST2 | Assignee: | Jiří Suchomel <jsuchome> |
| Status: | VERIFIED FIXED | QA Contact: | Jiri Srain <jsrain> |
| Severity: | Normal | ||
| Priority: | P5 - None | ||
| Version: | Milestone 5 of 6 | ||
| Target Milestone: | --- | ||
| Hardware: | Other | ||
| OS: | Other | ||
| Whiteboard: | |||
| Found By: | Development | Services Priority: | |
| Business Priority: | Blocker: | --- | |
| Marketing QA Status: | --- | IT Deployment: | --- |
|
Description
Ralf Haferkamp
2011-01-07 14:07:23 UTC
(In reply to comment #0) > After configuring sssd with yast2-ldap-client I see > "ldap_uri = ldaps://<my-ldap-server>" in sssd.conf. Please use "ldap://" > instead of "ldaps://" as we already set "ldap_id_use_start_tls = True" using > ldaps:// uri and starttls at the same time is wrong. OK. > BTW, please also switch to "uri" instead of "host" in /etc/ldap.conf and > /etc/openldap/ldap.conf, that way we have it consitent across all the files. So, if 'host' is present, should I remove it? And again, 'uri' should use only ldap:// and no ldaps? (In reply to comment #1) > > BTW, please also switch to "uri" instead of "host" in /etc/ldap.conf and > > /etc/openldap/ldap.conf, that way we have it consitent across all the files. > > So, if 'host' is present, should I remove it? Yes, it is either "host" or "uri" not both at the same time (for the ldap.conf files). OTOH, doesn't yast2-ldap/yast2-ldap-client able to make use of the "uri" setting or does it only evaluate the "host" lines, e.g. when determing the LDAP server for yast2-ldap-browser, yast2-dns-server, ....? > And again, 'uri' should use only ldap:// and no ldaps? Yes. Or we would need to add another option to the UI for the user to select to either use "ldap:// + StartTLS" or "ldaps://". I'd rather not add that. Fixed in yast2-ldap-client-2.20.5 Seems to work now. |