On Mon, 2020-03-30 at 06:53 +1000, William Brown wrote:
> > On 30 Mar 2020, at 06:29, Laurent GUERBY <laurent@xxxxxxxxxx>
> > wrote:
> >
> > Hi,
> >
> > I installed 389-ds 1.4.0.21-1 on a debian 10 system.
> >
> > When I use cockpit in 389-ds tab I get "{'desc': 'Inappropriate
> > authentication', 'info': 'SASL EXTERNAL bind requires an SSL
> > connection'}" so I assume I must install a real certificate.
>
> That's probably not the cause here. More likely this is because the
> user cockpit is running as doesn't have access to the LDAPI socket.
> LDAPI uses SASL EXTERNAL so that the uid/gid can be checked and then
> mapped to directory server users. Are there cockpit logs of what
> commands it's trying to execute that you can check?
Before I enabled LDAPI I had the following message in the web 389-ds
component :
{'desc': "Can't contact LDAP server", 'errno': 2, 'info': 'No such file
or directory'}
After I enabled LDAPI I got :
{'desc': 'Inappropriate authentication', 'info': 'SASL EXTERNAL bind
requires an SSL connection'}
As for cockpit logs I went through lots of pages on https://cockpit-pro
ject.org but could not find how to enable more verbose logs.
In the cockpit logs tab I just have generic information about
cockpit starting.
Thanks for your help,
Sincerely,
Laurent
_______________________________________________
389-users mailing list -- 389-users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to 389-users-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/389-users@xxxxxxxxxxxxxxxxxxxxxxx
