On 03/09/2017 at 14:06, Gray McCord wrote:
After much hacking around with ldapsearch, I discovered that the problem was the private SSL cert I am using from the AD server. The client was not recognizing its CA, so I added the following to ldap.conf, and it cleared right up:

TLS_REQCERT    never

Hi Gray,

this is indeed a solution, but not the safest one, as you will never check the AD certificate. If you have a previous installation working with the AD certificate, then you just need to copy the certificate file (CA certificate, or server certificate if self-signed) and set the path in TLS_CACERT.

See https://ltb-project.org/documentation/self-service-password/latest/config_ldap


--
Clément OUDOT
Free software consultant, infrastructure and security expert
Savoir-faire Linux
137 boulevard de Magenta - 75010 PARIS
Blog: http://sflx.ca/coudot

_______________________________________________
ltb-users mailing list
ltb-users@lists.ltb-project.org
https://lists.ltb-project.org/cgi-bin/mailman/listinfo/ltb-users
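
The check below is an added example, not part of the original messages or of the LTB project: it audits a client `ldap.conf` for the two options discussed in the thread, flagging `TLS_REQCERT never` (or `allow`) and confirming that `TLS_CACERT` points at a readable PEM file. The function names `ldap_conf_get` and `audit_ldap_conf` are hypothetical, the sample file is constructed, and only `TLS_CACERT` (not `TLS_CACERTDIR`) is inspected.

```shell
#!/bin/sh
# Added example (not from the thread): audit an OpenLDAP client ldap.conf
# for the two TLS options discussed above. Function names are hypothetical.

# Print the value of the last occurrence of option $2 in file $1.
# Option names are case-insensitive; '#' starts a comment line.
# Assumption: when an option is repeated, the last occurrence wins.
ldap_conf_get() {
    awk -v key="$2" '
        /^[ \t]*#/ { next }
        toupper($1) == key { val = $2 }
        END { print val }
    ' "$1"
}

# Return status: 0 = server certificate verified against a CA file,
# 1 = verification disabled, 2 = CA file unset, unreadable or not PEM.
audit_ldap_conf() {
    reqcert=$(ldap_conf_get "$1" TLS_REQCERT | tr 'A-Z' 'a-z')
    cacert=$(ldap_conf_get "$1" TLS_CACERT)

    # libldap defaults to "demand" when TLS_REQCERT is not set.
    case "${reqcert:-demand}" in
        never|allow)
            echo "FAIL: TLS_REQCERT $reqcert accepts any server certificate"
            return 1 ;;
    esac

    # With a private CA (the case in this thread) the client needs the CA file.
    if [ -z "$cacert" ] || ! grep -q 'BEGIN CERTIFICATE' "$cacert" 2>/dev/null; then
        echo "FAIL: TLS_CACERT '${cacert:-unset}' is not a readable PEM certificate"
        return 2
    fi
    echo "OK: server certificate is verified against $cacert"
}

# Constructed sample: the setting quoted in the thread.
sample=$(mktemp)
printf 'TLS_REQCERT    never\n' > "$sample"
audit_ldap_conf "$sample" || true
rm -f "$sample"
```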
