Ticket #31 (closed defect: fixed)

Opened 6 years ago

Last modified 3 years ago

Native LDAP PAM backend cannot authenticate against non-TLS LDAP server

Reported by: sgallagh Owned by: sbose
Priority: major Milestone: SSSD 1.0
Component: LDAP Provider Version: 0.3.1
Keywords: Cc:
Blocked By: Blocking:
Tests Updated: Coverity Bug:
Patch Submitted: Red Hat Bugzilla: 0
Design link:
Feature Milestone:
Design review: Fedora test page:
Chosen: Candidate to push out:
Release Notes:
Temp mark:

Description

If there is no TLS CA Cert available for communication with the LDAP server (or /etc/ldap.conf has "ssl off"), SSSD will not authenticate.

Change History

comment:1 Changed 6 years ago by sbose

  • Resolution set to fixed
  • fixedin set to 0.4.0
  • Status changed from new to closed

This was fixed with commit e7514def89cbbf52cc49fbc0f8ad6fe642304331. The option tls_reqcert for the native LDAP backend can be used in the same way as the corresponding option from /etc/ldap.conf

comment:2 Changed 3 years ago by dpal

  • Red Hat Bugzilla set to 0
Note: See TracTickets for help on using tickets.