If there is no TLS CA Cert available for communication with the LDAP server (or /etc/ldap.conf has "ssl off"), SSSD will not authenticate.
This was fixed with commit e7514de. The option tls_reqcert for the native LDAP backend can be used in the same way as the corresponding option from /etc/ldap.conf
fixedin: => 0.4.0
resolution: => fixed
status: new => closed
rhbz: => 0
Metadata Update from @sgallagh:
- Issue assigned to sbose
- Issue set to the milestone: SSSD 1.0
to comment on this ticket.
Copyright © 2014-2017 Red Hat
3.10.1 — Documentation