Ticket #31 (closed defect: fixed)

Opened 8 years ago

Last modified 5 years ago

Native LDAP PAM backend cannot authenticate against non-TLS LDAP server

Reported by: sgallagh Owned by: sbose
Priority: major Milestone: SSSD 1.0
Component: LDAP Provider Version: 0.3.1
Keywords: Cc:
Blocked By: Blocking:
Sensitive: Tests Updated:
Coverity Bug: Patch Submitted:
Red Hat Bugzilla: 0 Design link:
Feature Milestone:
Design review: Fedora test page:
Chosen: Candidate to push out:
Release Notes:
Temp mark:


If there is no TLS CA Cert available for communication with the LDAP server (or /etc/ldap.conf has "ssl off"), SSSD will not authenticate.

Change History

comment:1 Changed 8 years ago by sbose

  • fixedin set to 0.4.0
  • Status changed from new to closed
  • Resolution set to fixed

This was fixed with commit e7514def89cbbf52cc49fbc0f8ad6fe642304331. The option tls_reqcert for the native LDAP backend can be used in the same way as the corresponding option from /etc/ldap.conf

comment:2 Changed 5 years ago by dpal

  • Red Hat Bugzilla set to 0
Note: See TracTickets for help on using tickets.