Hi all, I am having the trouble with IPA-AD trust. We have scenario, where on the AD side the LDAP signing policy is on - this is company standard and can not be changed. Is there any chance to let the IPA use LDAP signing on IPA side ? I guess IPA use SASL LDAP bind but without signing.
What I am not understanding now is that IPA is still able to obtain info from AD LDAP although DC servers keeps complaining about unsigned LDAP connections - event 2889. https://support.microsoft.com/en-us/kb/935834 https://technet.microsoft.com/en-us/library/dd941849(v=ws.10).aspx Thanks for help. Jan Karásek
-- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project