URL: https://github.com/SSSD/sssd/pull/700 Title: #700: LDAP: Only authenticate the auth connection if we need to look up user information
sumit-bose commented: """ thank, I'm fine with the current version, so ACK in Acepted are still valid. About "If we want to do additional hardening, we can even save the value of the SDAP_DISABLE_AUTH_TLS variable and unless it is set to TRUE, we can even abort the authentication if no encryption is selected." I was thinking about this as well. But since the PR is mainly about fixing an authentication issues I think we do not want to risk to add another failure in a different special setup and better add this functionality in a different PR. """ See the full comment at https://github.com/SSSD/sssd/pull/700#issuecomment-441623455
_______________________________________________ sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org