Ticket #31 (closed defect: fixed)

Opened 5 years ago

Last modified 2 years ago

Native LDAP PAM backend cannot authenticate against non-TLS LDAP server

Reported by: sgallagh Owned by: sbose
Priority: major Milestone: SSSD 1.0
Component: LDAP Provider Version: 0.3.1
Keywords: Cc:
Blocked By: Blocking:
Tests Updated: Coverity Bug:
Patch Submitted: Red Hat Bugzilla: 0
Design link:
Feature Milestone:
Design review: Fedora test page:
Chosen: Candidate to push out:
Release Notes:

Description

If there is no TLS CA Cert available for communication with the LDAP server (or /etc/ldap.conf has "ssl off"), SSSD will not authenticate.

Change History

comment:1 Changed 5 years ago by sbose

  • Resolution set to fixed
  • Status changed from new to closed
  • fixedin set to 0.4.0

This was fixed with commit e7514def89cbbf52cc49fbc0f8ad6fe642304331. The option tls_reqcert for the native LDAP backend can be used in the same way as the corresponding option from /etc/ldap.conf

comment:2 Changed 2 years ago by dpal

  • Red Hat Bugzilla set to 0
Note: See TracTickets for help on using tickets.