[Freeipa-users] LDAPS for AD trust?
Erik Mackdanz
erik at infochimps.com
Thu Jun 16 21:53:22 UTC 2016
Hello,
Is it possible to force LDAPS instead of LDAP when connecting to the
client's AD domain in a trust situation?
I'm sure that the _ldaps SRV must be added to AD (AD doesn't have one
by default).
It's not clear, though, whether I can make SSSD request the _ldaps SRV
record. I tried setting 'ldap_dns_service_name=ldaps' in sssd.conf
but tcpdump shows only _ldap SRV record requests still. I think that
option affects only the IPA server connection not AD.
Thanks in advance,
Erik
More information about the Freeipa-users
mailing list