27 Oct
2012
27 Oct
'12
6:04 p.m.
On 10/26/2012 01:08 PM, Ezequiel Larrarte wrote:
I tried all /etc/nslcd.conf /etc/pam_ldap.conf /etc/openldap/ldap.conf
Don't use nss-pam-ldapd and pam_ldap. Remove the packages entirely and install sssd. You'll still use authconfig to configure LDAP integration, but you'll get a stack that's better maintained and documented. See "man sssd-ldap" for ldap_tls_reqcert. Or, better, install the CA that signed your LDAP cert and refer to that with ldap_tls_cacert or ldap_tls_cacertdir.