> On 30 Mar 2020, at 06:29, Laurent GUERBY <laurent@guerby.net> wrote:
>
> Hi,
>
> I installed 389-ds 1.4.0.21-1 on a debian 10 system.
>
> When I use cockpit in 389-ds tab I get "{'desc': 'Inappropriate
> authentication', 'info': 'SASL EXTERNAL bind requires an SSL
> connection'}" so I assume I must install a real certificate.
That's probably not the cause here. More likely this is because the user cockpit is running as doesn't have access to the LDAPI socket. LDAPI uses SASL EXTERNAL so that the uid/gid can be checked and then mapped to directory server users. Are there cockpit logs of what commands it's trying to execute that you can check?
>
> Is there an official script I could use to configure and maintain a
> letsencrypt certificate on a fresh 389-ds install?
>
> The closest I could find (but not tried yet):
>
> https://git.dotlan.net/dhoffend/kolab/blob/73519a40f7adbfdb86394cfb2a0b
> 9eab39ac9757/debian-kolab16.1/update-letsencrypt.sh
>
> Thanks in advance,
>
> Sincerely,
>
> Laurent
> _______________________________________________
> 389-users mailing list -- 389-users@lists.fedoraproject.org
> To unsubscribe send an email to 389-users-leave@lists.fedoraproject.org
> Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
> List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
> List Archives: https://lists.fedoraproject.org/archives/list/389-users@lists.fedoraproject.org
—
Sincerely,
William Brown
Senior Software Engineer, 389 Directory Server
SUSE Labs
_______________________________________________
389-users mailing list -- 389-users@lists.fedoraproject.org
To unsubscribe send an email to 389-users-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/389-users@lists.fedoraproject.org
No comments:
Post a Comment