'=?utf-8?q?=5B389-users=5D?= Re: Central authentication using 389 DS'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       fedora-directory-users
Subject:    =?utf-8?q?=5B389-users=5D?= Re: Central authentication using 389 DS
From:       William Brown <wbrown () suse ! de>
Date:       2019-09-01 23:43:14
Message-ID: 592700DA-595F-440D-AB5A-196813F76F49 () suse ! de
[Download RAW message or body]



> On 2 Sep 2019, at 00:17, Nicolas Kovacs <info@microlinux.fr> wrote:
> 
> Hi,
> 
> I've just completed a detailed blog article series about central
> authentication using 389 Directory Server. It's in French, and I
> published it on my tech blog.

Thanks, this is great!

> 
> * https://www.microlinux.fr/389-ds-centos-7/

I already sent feedback about this in a previous email. 

> 
> * https://www.microlinux.fr/389-ds-utilisateurs-centos-7/



> 
> * https://www.microlinux.fr/389-ds-tls-centos-7/
> 
> * https://www.microlinux.fr/opensuse-leap-15-1-389-ds/

I'm a bit concerned about putting your self signed CA in the system trust store here. \
You may be better to put this in:

cp ca.crt /etc/openldap/certs/
/usr/bin/c_rehash /etc/openldap/certs/

Then you can use TLS_CACERTDIR /etc/openldap/certs for ldap.conf, and clients like \
sssd.conf.

Hope that helps, 

> 
> Cheers from the sunny South of France,
> 
> Niki Kovacs
> 
> -- 
> Microlinux - Solutions informatiques durables
> 7, place de l'église - 30730 Montpezat
> Site : https://www.microlinux.fr
> Mail : info@microlinux.fr
> Tél. : 04 66 63 10 32
> Mob. : 06 51 80 12 12
> _______________________________________________
> 389-users mailing list -- 389-users@lists.fedoraproject.org
> To unsubscribe send an email to 389-users-leave@lists.fedoraproject.org
> Fedora Code of Conduct: \
> https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: \
> https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: \
> https://lists.fedoraproject.org/archives/list/389-users@lists.fedoraproject.org

—
Sincerely,

William Brown

Senior Software Engineer, 389 Directory Server
SUSE Labs
_______________________________________________
389-users mailing list -- 389-users@lists.fedoraproject.org
To unsubscribe send an email to 389-users-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/389-users@lists.fedoraproject.org



[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic