Mailinglist Archive: yast-devel (233 mails)

< Previous Next >
[yast-devel] ldap setup ideas / wishlist
  • From: Nicholas Tung <ntung@xxxxxxxxx>
  • Date: Mon, 26 Oct 2009 11:32:53 -0700
  • Message-id: <fa81b0d10910261132o64424d6l7bacf51d3eaddf9a@xxxxxxxxxxxxxx>
Hi all,

I liked much of the YaST LDAP setup (particularly adding new users
through the same UI as adding local users), but overall it did take a
while to get set up. Here are a few simple things that might make it
easier (sorry I'm not a YaST developer),

* undo the wizard if it fails to start the daemon. Otherwise, the
root objects will not get created (this step happens after it tries to
start the daemon), leading to many confusing errors.
* make sure user "ldap" can read the certificate files, or else
the daemon will not start (error above) if the "slp dameon" box is
enabled.
* allow the client to import self-signed certificate files. I'm
still not sure why this isn't working correctly, since overriding
TLS_CACERT in /etc/openldap/ldap.conf seemed to fix the problem for
the command line tools.

kind regards,
Nicholas
https://ntung.com
--
To unsubscribe, e-mail: yast-devel+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: yast-devel+help@xxxxxxxxxxxx

< Previous Next >
Follow Ups