On Mon, Aug 13, 2012 at 09:36:44PM +0200, Michael Ströder wrote:
HI!
Is it possible to use SASL/EXTERNAL when connecting to a LDAP server with
StartTLS or LDAPS using client certs?
In a project they have certs in all systems anyway (because of using puppet)
and I'd like to let the sssd instances on all the systems authenticate to the
LDAP server to restrict visibility of LDAP entries by ACL. I'd like to avoid
having to set/configure passwords for each system's sssd.
Ciao, Michael.
Not currently, there is a ticket that is tracking adding the support:
https://fedorahosted.org/sssd/ticket/561