RHEL5 authconfig LDAPS configuration enhancement
Issue
- There is currently no way to create an LDAP configuration that uses ldaps (port 636) to connect to an LDAP directory; the --enableldapssl and --enableldaptls options create a configuration that uses ldap (port 389) and start_tls.
- In order to accomplish the ldaps connection we modify the /etc/ldap.conf file after authconfig has been run (change ssl start_tls to ssl on, change the url from ldap:// to ldaps://). This has the nasty side effect that the next time someone runs authconfig --updateall the ssl setting is lost and the machine loses connection to the LDAP directory.
- We would like to have an option in authconfig to create an ldaps configuration, or for authconfig not to modify the ssl setting in ldap.conf if it is set to on.
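
A drift check for the situation described above, added here as an example and not taken from Red Hat or authconfig: it reports when a hand-edited ldap.conf no longer has ssl on with ldaps:// URIs. The function name check_ldaps_conf, the host ldap.example.com and the sample file are assumptions, and the check assumes the file uses the uri directive.

```shell
#!/bin/sh
# Added example: verify that an nss_ldap/pam_ldap style ldap.conf still
# uses LDAPS ("ssl on" plus ldaps:// URIs) and has not been set back to
# StartTLS on port 389. check_ldaps_conf is a hypothetical helper name.
check_ldaps_conf() {
    conf="$1"
    [ -r "$conf" ] || { echo "cannot read $conf"; return 2; }
    awk '
        /^[ \t]*#/ || /^[ \t]*$/ { next }           # skip comments and blanks
        tolower($1) == "ssl" { ssl = tolower($2) }   # remember the ssl value seen last
        tolower($1) == "uri" {                       # a uri line may list several servers
            for (i = 2; i <= NF; i++) {
                n++
                if (tolower($i) !~ /^ldaps:\/\//) bad = bad " " $i
            }
        }
        END {
            rc = 0
            if (ssl != "on") { print "ssl is \"" ssl "\", expected \"on\""; rc = 1 }
            if (n == 0)      { print "no uri line found"; rc = 1 }
            if (bad != "")   { print "non-ldaps uri:" bad; rc = 1 }
            exit rc
        }
    ' "$conf"
}

# Constructed sample: the state described above, with ssl start_tls and
# an ldap:// URI where ssl on and ldaps:// were expected.
sample=$(mktemp)
printf 'uri ldap://ldap.example.com/\nssl start_tls\n' > "$sample"
check_ldaps_conf "$sample" || echo "drift detected in $sample"
rm -f "$sample"
```

Running the function against /etc/ldap.conf after each authconfig --updateall gives an exit status of 0 when the LDAPS settings are intact and 1 when they have been reset.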
Environment
- Red Hat Enterprise Linux 5