Issue #7366: RFE: ipa client should setup openldap for GSSAPI - freeipa

freeipa

#7366 RFE: ipa client should setup openldap for GSSAPI

Closed: fixed 6 years ago Opened 6 years ago by rcritten.

Ticket was cloned from Red Hat Bugzilla (product Red Hat Enterprise Linux 7): Bug 1527215

Description of problem:

The IPA client installer currently edits /etc/openldap/ldap.conf, setting up
the client to consume LDAP data from IPA.  It currently sets:

URI
BASE
TLS_CACERT

It really should also add:

SASL_MECH GSSAPI
TLS_REQCERT demand


The IPA client installer assumes the client will only be speaking LDAP to IPA,
so might as well secure that connection as much as possible by default.

Metadata Update from @rcritten:
- Custom field rhbz adjusted to https://bugzilla.redhat.com/show_bug.cgi?id=1527215

6 years ago

Metadata Update from @rcritten:
- Issue priority set to: important

6 years ago

amitkumar25nov commented 6 years ago

PR:https://github.com/freeipa/freeipa/pull/1470

cheimes commented 6 years ago

master:

07be330 RFE: ipa client should setup openldap for GSSAPI

Metadata Update from @cheimes:
- Issue close_status updated to: fixed
- Issue status updated to: Closed (was: Open)

6 years ago

cheimes commented 5 years ago

ipa-4-6:

d4f1406 RFE: ipa client should setup openldap for GSSAPI

Metadata

Assignee

None

Tags

None

Blocking

None

Depending on

None

Priority

important

Milestone

FreeIPA 4.8

None

affects_doc

None

source

None

knownissue

None

type

None

blockedby

None

test_case

None

component

None

blocking

None

on_review

None

keywords

None

test_coverage

None

reviewer

None

external_tracker

None

rhbz

https://bugzilla.redhat.com/show_bug.cgi?id=1527215

tester

None

changelog

None

design

None

freeipa

Source Code

#7366 RFE: ipa client should setup openldap for GSSAPI Closed: fixed 6 years ago Opened 6 years ago by rcritten.

Metadata

#7366 RFE: ipa client should setup openldap for GSSAPI

Closed: fixed 6 years ago Opened 6 years ago by rcritten.