> I'm currently working on patches to allow LDAPS as well and make sure > that SASL/GSSAPI/GSS-SPNEGO are set up so that it can be used together > with TLS. HTH
Good morning, Is there an expected eta for the patches to be available? Pending that, Is it possible to have two "ldap" providers in the same domain with different ldap settings? For example, if using ad for auth_provider and ldap for id/access providers [domain/example.com] auth_provider = ldap auth_provider ldap server x.example.com id_provider = ldap id_provider ldap server y.example.com Such that the ad auth provider can now use ldap TLS/SSL to the password server, but identity can still be managed by another server? This may seen to be a weird setup, but it allows separation of roles/responsibilities. Thanks Gary -- Gary Molenkamp Computer Science/Science Technology Services Systems Administrator University of Western Ontario [email protected] http://www.csd.uwo.ca (519) 661-2111 x86882 (519) 661-3566 _______________________________________________ sssd-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected]
