Difference between revisions of "Talk:Systems/Services/Samba"
Jump to navigation
Jump to search
m (Robot: Cosmetic changes) |
|||
| (2 intermediate revisions by 2 users not shown) | |||
| Line 1: | Line 1: | ||
| − | == | + | == Ldap needs a "real" cert == |
Ah, so that's what happened. | Ah, so that's what happened. | ||
| − | paigely uses openldap to communicate with our ldap server over ssl, and we can't set the openldap TLS_CACERT on their server. It defaults to /etc/ssl/ca-certificates.crt, so it's ok, we just have to use a "real" certificate. | + | paigely uses openldap to communicate with our ldap server over ssl, and we can't set the openldap TLS_CACERT on their server. It defaults to /etc/ssl/ca-certificates.crt, so it's ok, we just have to use a "real" certificate. self signed CA causes problems here |
--[[User:Hef|Hef]] ([[User talk:Hef|talk]]) 05:13, 20 September 2014 (CDT) | --[[User:Hef|Hef]] ([[User talk:Hef|talk]]) 05:13, 20 September 2014 (CDT) | ||
| + | |||
| + | Fixing this by deploying a filtering LDAP server that we can use to provide limited access to the AD tree to external services. | ||
Latest revision as of 20:35, 20 September 2014
Ldap needs a "real" cert
Ah, so that's what happened.
paigely uses openldap to communicate with our ldap server over ssl, and we can't set the openldap TLS_CACERT on their server. It defaults to /etc/ssl/ca-certificates.crt, so it's ok, we just have to use a "real" certificate. self signed CA causes problems here --Hef (talk) 05:13, 20 September 2014 (CDT)
Fixing this by deploying a filtering LDAP server that we can use to provide limited access to the AD tree to external services.