https://bugzilla.novell.com/show_bug.cgi?id=662949 https://bugzilla.novell.com/show_bug.cgi?id=662949#c7 Ralf Haferkamp <rhafer@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEEDINFO |ASSIGNED InfoProvider|rhafer@novell.com | --- Comment #7 from Ralf Haferkamp <rhafer@novell.com> 2011-01-14 09:55:57 CET --- (In reply to comment #6)
Hopefully done. Please test with yast2-ldap-2.20.0 and yast2-ldap-client-2.20.6 Basically this seems to work now, thanks.
(I did not play with that unbind part yet) Hm, I just recognized, that if I disable TLS/SSL (which is only possible when configuring nss_ldap instead of sssd), click "Fetch DN" and after that re-enable TLS, download a valid CA and click "Fetch DN" again, the ldap-client Module doesn't reconnect to the LDAP Server, it just continues using the old un-encrypted LDAP connection. This can be problematic if e.g. the LDAP Server restricts the Access to certain parts of the Tree depending on if the client uses encryption or not. I think unbinding the existing connection after the TLS Settings were changed is the right thing to do.
-- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.