On 08/29/2014 11:06 AM, anax wrote: >> As far as I read, >> - there is a switch to "sssd" >> - I found 1 link: >> http://www.certdepot.net/ldap-client-configuration-authconfig/ >> > sssd is a hard peace to configure. In C7 it wants absolutely to have an > encrypted connection to the LDAP server. Therefore, it must at least > have a valid CAcert at disposition. Also, the LDAP server itself must > have a valid CAcert (eventually the same as the sssd client) and a valid > server-certificate with the Common-Name of the host it runs on. > Our LDAP servers are all clear text for the moment and there is no short|mid-term plan to bring an encryption. It's then a no go for the moment :-(. Thanks.