search for: ldap_tls_cacert

Displaying 14 results from an estimated 14 matches for "ldap_tls_cacert".

sssd.conf file missing
2016 Jun 23
2
sssd.conf file missing
...Eventually I did create one, and its contents are the following: [<domain>.org] enumate = true cache_credentials = TRUE id_provider = ldap auth_provider = ldap chpass_provider = ldap ldap_uri = ldap://ldap.<domain>.org ldap_search_base = dc=<domain>,dc=org tls_reqcert = demand ldap_tls_cacert /etc/pki/tls/certs/ca-bundle.crt If there are any additions or corrections that I need to make, please let me know. I reran the service sssd restart command, and the error message that I am seeing via journalctl -xe is the following: Unit sssd.service has begun starting up. Jun 22 16:05:34 roadt...
sssd.conf file missing
2016 Jun 23
3
sssd.conf file missing
...gt;> enumate = true >> cache_credentials = TRUE >> >> id_provider = ldap >> auth_provider = ldap >> chpass_provider = ldap >> >> ldap_uri = ldap://ldap.<domain>.org >> ldap_search_base = dc=<domain>,dc=org tls_reqcert = demand >> ldap_tls_cacert /etc/pki/tls/certs/ca-bundle.crt >> >> If there are any additions or corrections that I need to make, please let me know. >> >> I reran the service sssd restart command, and the error message that I am seeing via journalctl -xe is the following: >> >> Unit sssd.s...
Samba4 and sssd authentication not working due "Transport encryption required."
2016 Sep 02
4
Samba4 and sssd authentication not working due "Transport encryption required."
On Fri, 2 Sep 2016 12:33:34 -0700 John Yocum via samba <samba at lists.samba.org> wrote: > On 09/02/2016 08:36 AM, Fosiul Alam via samba wrote: > > Hi Experts > > I have setup samba4 version "samba-4.4.5" , Windows Authentication > > working fine. > > however sssd authentication not working, Same setup work with older > > version of samba4 , so i
Samba4 and sssd authentication not working due "Transport encryption required."
2016 Sep 03
1
Samba4 and sssd authentication not working due "Transport encryption required."
...# A native LDAP domain > [domain/LDAP] > enumerate = true > cache_credentials = TRUE > > id_provider = ldap > auth_provider = ldap > chpass_provider = ldap > > ldap_uri = ldap://ldap.mydomain.org > ldap_search_base = dc=mydomain,dc=org > tls_reqcert = demand > ldap_tls_cacert = /etc/pki/tls/certs/ca-bundle.crt > > > > On Fri, Sep 2, 2016 at 10:09 PM, Rowland Penny via samba < > samba at lists.samba.org> wrote: > >> On Fri, 2 Sep 2016 12:33:34 -0700 >> John Yocum via samba <samba at lists.samba.org> wrote: >> >>&...
CentOS6 LDAP Authentication.
2012 Oct 26
2
CentOS6 LDAP Authentication.
Hi! I can make ldap authentication to work using LDAPS in CentOS 6. On CentOS 5, I just simply set tls_cheekpeer no to /etc/ldap.conf and it works! I tried all /etc/nslcd.conf /etc/pam_ldap.conf /etc/openldap/ldap.conf It 's really confusing on CentOS 6. Why so many files???? CentOS 5 LDAPTLS_REQCERT=never ldapsearch -x -H ldaps://xxxx (works!) CentOS 6 LDAPTLS_REQCERT=never ldapsearch -x
sssd.conf file missing
2016 Jun 23
1
sssd.conf file missing
...cache_credentials = TRUE >>> >>> id_provider = ldap >>> auth_provider = ldap >>> chpass_provider = ldap >>> >>> ldap_uri = ldap://ldap.<domain>.org >>> ldap_search_base = dc=<domain>,dc=org tls_reqcert = demand >>> ldap_tls_cacert /etc/pki/tls/certs/ca-bundle.crt >>> >>> If there are any additions or corrections that I need to make, >>> please let me know. >>> >>> I reran the service sssd restart command, and the error message that >>> I am seeing via journalctl -xe is...
Samba4 and sssd authentication not working due "Transport encryption required."
2016 Sep 03
0
Samba4 and sssd authentication not working due "Transport encryption required."
...i can use in sssd tls authenticaiton ? Thanks for the help # A native LDAP domain [domain/LDAP] enumerate = true cache_credentials = TRUE id_provider = ldap auth_provider = ldap chpass_provider = ldap ldap_uri = ldap://ldap.mydomain.org ldap_search_base = dc=mydomain,dc=org tls_reqcert = demand ldap_tls_cacert = /etc/pki/tls/certs/ca-bundle.crt On Fri, Sep 2, 2016 at 10:09 PM, Rowland Penny via samba < samba at lists.samba.org> wrote: > On Fri, 2 Sep 2016 12:33:34 -0700 > John Yocum via samba <samba at lists.samba.org> wrote: > > > On 09/02/2016 08:36 AM, Fosiul Alam via sa...
sssd.conf file missing
2016 Jun 23
0
sssd.conf file missing
...enumate = true >> cache_credentials = TRUE >> >> id_provider = ldap >> auth_provider = ldap >> chpass_provider = ldap >> >> ldap_uri = ldap://ldap.<domain>.org >> ldap_search_base = dc=<domain>,dc=org >> tls_reqcert = demand >> ldap_tls_cacert /etc/pki/tls/certs/ca-bundle.crt >> >> If there are any additions or corrections that I need to make, please let me know. >> >> I reran the service sssd restart command, and the error message that I am seeing via journalctl -xe is the following: >> >> Unit sssd.s...
sssd.conf file missing
2016 Jun 23
1
sssd.conf file missing
...Eventually I did create one, and its contents are the following: [<domain>.org] enumate = true cache_credentials = TRUE id_provider = ldap auth_provider = ldap chpass_provider = ldap ldap_uri = ldap://ldap.<domain>.org ldap_search_base = dc=<domain>,dc=org tls_reqcert = demand ldap_tls_cacert /etc/pki/tls/certs/ca-bundle.crt If there are any additions or corrections that I need to make, please let me know. I reran the service sssd restart command, and the error message that I am seeing via journalctl -xe is the following: Unit sssd.service has begun starting up. Jun 22 16:05:34 roadt...
sssd.conf file missing
2016 Jun 23
0
sssd.conf file missing
...cache_credentials = TRUE >>> >>> id_provider = ldap >>> auth_provider = ldap >>> chpass_provider = ldap >>> >>> ldap_uri = ldap://ldap.<domain>.org >>> ldap_search_base = dc=<domain>,dc=org tls_reqcert = demand >>> ldap_tls_cacert /etc/pki/tls/certs/ca-bundle.crt >>> >>> If there are any additions or corrections that I need to make, please >>> let me know. >>> >>> I reran the service sssd restart command, and the error message that I >>> am seeing via journalctl -xe is th...
Authenticating sudo with ipa.
2013 Oct 17
1
Authenticating sudo with ipa.
...08:9D:5E:F7:96:2A:FA:E4:60:76:4E:8A:12:FE:15 (ssh-dss) ## /etc/sssd/sssd.conf on the client [domain/192-168-0-100.local] cache_credentials = True krb5_store_password_if_offline = True krb5_realm = LOCAL ipa_domain = 192-168-0-100.local id_provider = ipa auth_provider = ipa access_provider = ipa ldap_tls_cacert = /etc/ipa/ca.crt ipa_hostname = 192-168-0-110.local chpass_provider = ipa ipa_server = _srv_, 192-168-0-100.local dns_discovery_domain = 192-168-0-100.local sudo_provider = ldap ldap_uri = ldap://192-168-0-100.local ldap_sudo_search_base = ou=sudoers,dc=local ldap_sasl_mech = GSSAPI ldap_sasl_aut...
Should I forget sssd ?
2013 Oct 01
1
Should I forget sssd ?
...to high load and slow response > enumerate = false > cache_credentials = true > > id_provider = ldap > auth_provider = krb5 > chpass_provider = krb5 > > ldap_uri = ldap://serveur.radiodjiido.nc > ldap_search_base = DC=radiodjiido,DC=nc > ldap_tls_reqcert = demand > ldap_tls_cacert = /etc/ssl/certs/ca-certificates.crt > > krb5_kdcip = serveur.radiodjiido.nc > krb5_realm = RADIODJIIDO.NC > krb5_changepw_principle = kadmin/changepw > krb5_auth_timeout = 15 sudo service sssd stop tar -xzvf sssd-1.11.1.tar.gz cd sssd-1.11.1 ./configure && make sudo make ins...
SSSD on CentOS 7 failing to start when connecting to 4.8.3 AD via LDAP
2018 Jul 20
2
SSSD on CentOS 7 failing to start when connecting to 4.8.3 AD via LDAP
..._user_object_class = user ldap_user_home_directory = unixHomeDirectory ldap_user_shell = loginShell ldap_group_object_class = group ldap_force_upper_case_realm = True ldap_uri = ldap://192.168.192.50 ldap_search_base = dc=ad,dc=company,dc=com ldap_id_use_start_tls = false ldap_tls_reqcert = never ldap_tls_cacert = /etc/sssd/ca.company.com.crt access_provider = ldap ldap_access_filter = memberOf=cn=ServerAdmins,ou=Groups,dc=ad,dc=company,dc=com ldap_default_authtok_type = password ldap_default_bind_dn = sssd at ad.company.com ldap_default_authtok = Password1 [pam] I tried adding the sudo roles schema...
Group Permissions Not Working
2019 Apr 30
5
Group Permissions Not Working
...vider = ad access_provider = ad debug_level = 0x3ff0 #debug_level = 1 ldap_id_mapping = true #ldap_schema = rfc2307bis #use_fully_qualified_names = True override_homedir = /home/%u default_shell = /bin/bash krb5_keytab = /etc/krb5.keytab krb5_realm =DOMAIN.COM ldap_search_base = dc=domain,dc=com ldap_tls_cacert = /etc/ssl/certs/ca-certificates.crt ad_hostname = Server.DOMAIN.COM ad_domain = DOMAIN.COM ldap_id_mapping = true default_shell = /bin/bash ldap_referrals = false # 2019-03-30: https://jhrozek.wordpress.com/2015/08/19/performance-tuning-sssd-for-large-ipa-ad-trust-deployments/ subdomain_inheri...