Thanks, Clement. You are absolutely correct, and I was just being lazy!  

Best Regards,

Gray

Gray McCord
Adapt, Mutate, Migrate, or Die
                                                          -C. Darwin

-----Original Message-----
From: ltb-users [mailto:ltb-users-boun...@lists.ltb-project.org] On Behalf Of Clément OUDOT
Sent: Monday, September 4, 2017 2:58 AM
To: ltb-users@lists.ltb-project.org
Subject: Re: [Ltb-users] "Cannot access LDAP directory" error when migrating to Centos7



On 03/09/2017 at 14:06, Gray McCord wrote:
> After much hacking around with ldapsearch, I discovered that the 
> problem was the private SSL cert I am using from the AD server.  The 
> client was not recognizing its CA, so I added the following to 
> ldap.conf, and it cleared right up:
>
> TLS_REQCERT    never

Hi Gray,

This is indeed a solution, but not the safest one, as you will never check the AD 
certificate. If you have a previous installation working with the AD certificate, 
then you just need to copy the certificate file (CA certificate, or server 
certificate if self-signed) and set the path in TLS_CACERT.

See
https://ltb-project.org/documentation/self-service-password/latest/config_ldap


-- 
Clément OUDOT
Free software consultant, infrastructure and security expert
Savoir-faire Linux
137 boulevard de Magenta - 75010 PARIS
Blog: http://sflx.ca/coudot

_______________________________________________
ltb-users mailing list
ltb-users@lists.ltb-project.org
https://lists.ltb-project.org/cgi-bin/mailman/listinfo/ltb-users
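
Added example, not part of the original thread or of the LTB project: a small shell check that flags an ldap.conf which disables certificate verification (the `TLS_REQCERT never` setting quoted above) and accepts one that verifies against a CA file set in `TLS_CACERT`. The function name `audit_ldap_conf` and the CA path `/etc/openldap/certs/ad-ca.pem` are assumptions made for illustration.

```shell
#!/bin/sh
# audit_ldap_conf FILE
# Returns 0 only if FILE keeps server certificate verification on and names
# a CA file or directory; otherwise prints the reason and returns 1.
# If an option appears more than once, this check uses the last value seen.
audit_ldap_conf() {
    awk '
        NF == 0 || $1 ~ /^#/ { next }            # skip blank lines and comments
        { key = toupper($1) }                    # option names are case-insensitive
        key == "TLS_REQCERT" { reqcert = tolower($2) }
        key == "TLS_CACERT" || key == "TLS_CACERTDIR" { ca = $2 }
        END {
            if (reqcert == "") reqcert = "demand"   # OpenLDAP client default
            if (reqcert != "demand" && reqcert != "hard") {
                print "WEAK: TLS_REQCERT " reqcert " does not require a valid server certificate"
                exit 1
            }
            if (ca == "") {
                print "NOTE: no TLS_CACERT or TLS_CACERTDIR set for the private CA"
                exit 1
            }
            print "OK: TLS_REQCERT " reqcert ", CA from " ca
        }
    ' "$1"
}

# Constructed sample input: the setting from the thread, then the corrected form.
demo=$(mktemp)
printf 'TLS_REQCERT    never\n' > "$demo"
audit_ldap_conf "$demo" || true
# Hypothetical path: wherever the copied AD CA certificate was placed.
printf 'TLS_CACERT /etc/openldap/certs/ad-ca.pem\nTLS_REQCERT demand\n' > "$demo"
audit_ldap_conf "$demo" || true
rm -f "$demo"
```
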
