DNS feature doesn't work with LDAPS
[Date Prev][Date Next] [Thread Prev][Thread Next]DNS feature doesn't work with LDAPS
- From: Albert Akchurin <ackbeat [at] gmail.com>
- To: nss-pam-ldapd-users [at] lists.arthurdejong.org
- Subject: DNS feature doesn't work with LDAPS
- Date: Fri, 5 Nov 2021 01:43:33 +0600
Package: nslcd
Version: 0.9.11
DNS is a great feature that allows effortless reinstall/modification of LDAP servers.
Tell me please, is the nslcd currently maintained? If so, I would suggest introducing DNSLDAPS directive, that will force using LDAPS port, or simpler way: just check if `ssl on` option is present in config file.
I am using Debian 11
Version: 0.9.11
Hi, Arthur!
But unfortunately it does not work with LDAPS in my case.
The problem. Samba AD, uses both LDAP 389 port and LDAPS 636 port. But advertises only 389 via SRV records (AFAIK same is true for MS AD).
Therefore nslcd choses non secure LDAP 389 port. And there is no way to tell nslcd to use the LDAPS 636 port instead.
I use the configuration directives:
uri DNS:my.domain.org
ssl on
ssl on
Tell me please, is the nslcd currently maintained? If so, I would suggest introducing DNSLDAPS directive, that will force using LDAPS port, or simpler way: just check if `ssl on` option is present in config file.
I am using Debian 11
Best regards,
Albert
- DNS feature doesn't work with LDAPS, Albert Akchurin
- Re: DNS feature doesn't work with LDAPS, Michael Ströder
- Re: DNS feature doesn't work with LDAPS,
Arthur de Jong
- Re: DNS feature doesn't work with LDAPS,
Michael Ströder
- Re: DNS feature doesn't work with LDAPS, Arthur de Jong
- Re: DNS feature doesn't work with LDAPS,
Michael Ströder
- Prev by Date: cross signed certs with expired root cert
- Next by Date: Re: DNS feature doesn't work with LDAPS
- Previous by thread: cross signed certs with expired root cert
- Next by thread: Re: DNS feature doesn't work with LDAPS