Is it possible to force LDAPS instead of LDAP when connecting to the
client's AD domain in a trust situation?
I'm sure that the _ldaps SRV must be added to AD (AD doesn't have one
It's not clear, though, whether I can make SSSD request the _ldaps SRV
record. I tried setting 'ldap_dns_service_name=ldaps' in sssd.conf
but tcpdump shows only _ldap SRV record requests still. I think that
option affects only the IPA server connection not AD.
Thanks in advance,
Manage your subscription for the Freeipa-users mailing list:
Go to http://freeipa.org for more info on the project