tags 672301 + pending severity 672301 important thanks I've cloned to bug report to #672301, please follow up there.
On Tue, 2012-05-08 at 21:38 +0200, Jakub Moc wrote: > 2012/5/8 Arthur de Jong <[email protected]>: > > and the contents of nslcd.conf? > [...] > uri DNS > ssl on > tls_reqcert allow > > > Furthermore the output of DEBCONF_DEBUG=developer debconf > > /var/lib/dpkg/info/nslcd.config > > would be very helpful. > > debconf (developer): starting /var/lib/dpkg/info/nslcd.config [...] > debconf (developer): <-- GET nslcd/ldap-starttls > debconf (developer): --> 0 false > debconf (developer): <-- GET nslcd/ldap-reqcert > debconf (developer): --> 0 > debconf (developer): <-- SET nslcd/ldap-reqcert allow > debconf (developer): --> 0 value set [...] > debconf (developer): <-- GET nslcd/ldap-starttls > debconf (developer): --> 0 false > debconf (developer): <-- SET nslcd/ldap-reqcert > debconf (developer): --> 0 value set The reqcert option is set correctly in the beginning but cleared later on due to a flawed check. It expected that reqcert would need to be cleared if not using SSL. The script checked for whether start_tls was used or any URL contained ldaps:// was used. In your configuration neither was the case (using ssl on with uri DNS). This will be fixed in the next release. -- -- arthur - [email protected] - http://people.debian.org/~adejong --
signature.asc
Description: This is a digitally signed message part
