On 2012-09-04 3:03 PM, "Jakub Hrozek" <[email protected]> wrote:
>On Tue, Sep 04, 2012 at 06:57:48PM +0000, Wojtak, Greg (Superfly) wrote: >> On 2012-09-04 2:03 PM, "Jakub Hrozek" <[email protected]> wrote: >> >> >> >On Tue, Sep 04, 2012 at 05:50:08PM +0000, Wojtak, Greg (Superfly) >>wrote: >> >> I am not specifying a schema but verified that sssd is using >>ldaps:// - >> >> tcpdump and netstat show connections to my DC's on port 636 and none >>on >> >> 389. >> >> >> > >> >Interesting, what is the exact format of ldap_uri you are using in the >> >sssd.conf config file? >> > >> >Are you using GSSAPI? (ldap_sasl_mech = GSSAPI in the config file) >> >> >> I should have been more clear - I should have said I'm not specifying >> ldap_uri at all (service discovery?) and yes, I have ldap_sasl_mech = >> GSSAPI set. >> > >Can you try if using ldap:// instead of ldaps:// perhaps using the >ldapsearch command line tool works for you? I've tested this heavily in the past - specifying ldap:// always works, unless I am issuing a STARTTLS request. At that point I see the same errors as using ldaps:// Greg Wojtak Sr. Unix Systems Engineer Office: (313) 373-4306 Cell: (734) 718-8472 _______________________________________________ sssd-users mailing list [email protected] https://lists.fedorahosted.org/mailman/listinfo/sssd-users
