Hello Rex,
for me the solution was to change the LDAP TLS cipher parameter.
You can easily check it by disabling ldap_tls_cipher_suite. After this the
connection worked for me.
After a while of searching I found that Ubuntu or sssd changed the SSL tool or its
parameters.

OpenSSL is not used anymore (like Red Hat); GnuTLS is used (or its
parameters).

When I use a GnuTLS parameter I can connect to our domain:
ldap_tls_cipher_suite = NORMAL
If you want it more specific you can use something like this (if it fits your domain
settings):
ldap_tls_cipher_suite = NONE:+VERS-TLS-ALL:+AES-256-GCM:+SIGN-ALL:+COMP-NUL

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1921494

Title:
  ldap_install_tls occasionally fails due to watchdog timeout when using
  ad_use_ldaps with tls

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/sssd/+bug/1921494/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
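
Added example, not part of the original message or of sssd: a small Python lint that finds every ldap_tls_cipher_suite value in an sssd.conf and reports whether it is shaped like a GnuTLS priority string (as in the two settings quoted above) or not, for instance an OpenSSL-style cipher list carried over from another distribution. The sample configuration and its domain names are constructed, and the check is on syntax only; it does not confirm that GnuTLS accepts each token.

```python
import configparser

OPTION = "ldap_tls_cipher_suite"

# Base keywords that can open a GnuTLS priority string.
GNUTLS_KEYWORDS = {"NONE", "NORMAL", "PERFORMANCE", "LEGACY", "PFS", "SYSTEM",
                   "SECURE128", "SECURE192", "SECURE256", "SUITEB128", "SUITEB192"}

# Constructed sample; the domain names are placeholders.
SAMPLE_CONF = """\
[sssd]
domains = example.test, lab.test, other.test

[domain/example.test]
id_provider = ad
ad_use_ldaps = True
ldap_tls_cipher_suite = HIGH:!aNULL:!MD5

[domain/lab.test]
ldap_tls_cipher_suite = NONE:+VERS-TLS-ALL:+AES-256-GCM:+SIGN-ALL:+COMP-NUL

[domain/other.test]
ldap_tls_cipher_suite = NORMAL
"""

def classify(value):
    """Return 'gnutls-style', 'not-gnutls' or 'empty' based on shape only."""
    tokens = [t for t in value.strip().split(":") if t]
    if not tokens:
        return "empty"
    # A priority string opens with a base keyword (optionally written @KEYWORD).
    if tokens[0].lstrip("@").upper() not in GNUTLS_KEYWORDS:
        return "not-gnutls"
    # Every later token is a modifier prefixed with +, -, ! or %.
    if all(t[0] in "+-!%" for t in tokens[1:]):
        return "gnutls-style"
    return "not-gnutls"

def audit(conf_text):
    """List (section, value, verdict) for each section that sets OPTION."""
    # '=' is the only delimiter so ':' inside values is kept; '%' is literal.
    cp = configparser.ConfigParser(interpolation=None, delimiters=("=",), strict=False)
    cp.read_string(conf_text)
    return [(s, cp[s][OPTION], classify(cp[s][OPTION]))
            for s in cp.sections() if cp.has_option(s, OPTION)]

if __name__ == "__main__":
    for section, value, verdict in audit(SAMPLE_CONF):
        print(f"[{section}] {value} -> {verdict}")
```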
