Thanks, Sumit.
In the interim, is there a way to override the lookup behavior to force sssd to
assume email address over domain (this is a single domain environment)? I
think that would take some of the delay away.
=G=
From: Sumit Bose
Sent: Tuesday,
Jakub Hrozek wrote:
> AD uses referrals quite aggressively and at the same time, the
> referral handling in openldap is not super-fast. I don't know exactly
> why the referrals would cause a TLS failure, I suspect some of the
> servers an entry referred to were simply not reachable from your
> clie
On Mon, Oct 02, 2017 at 06:21:05PM +, Galen Johnson wrote:
> ?Did this make it to the list? I really wish I could see my own posts.
>
>
> =G=
>
>
>
> From: Galen Johnson
> Sent: Thursday, September 28, 2017 3:28 PM
> To: End-user discussions about the Syste
On Mon, Oct 02, 2017 at 07:14:53PM +, Jeff White wrote:
> That seems to fix the issue. I'm not sure why, but it does. I guess the
> LDAP server could refer to another server or domain by a name not included
> in the cert? Even with logging turned way up I could not find any entry
> that said
