Red Hat Bugzilla – Bug 577219
Authconfig should disallow setting both ldaps and TLS
Last modified: 2011-09-08 04:41:23 EDT
Description of problem:
Right now, it is possible to save a configuration with
LDAP Server: ldaps://ldap.example.com
'Use TLS to encrypt connections' checked. This is an invalid configuration. It is only possible to set one form of encryption or the other at a time.
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1. Start authconfig
2. Choose LDAP for User Account Database and Authentication Method
3. Enter 'ldaps://ldap.example.com' for the LDAP server
4. Check 'Use TLS to encrypt connections'
The 'apply' button is selectable, and authconfig will save an sssd.conf file with the options:
ldap_uri = ldaps://ldap.example.com
ldap_id_use_start_tls = True
This will result in an unusable configuration (the LDAP server will reject the connection)
The 'apply' button should be grayed-out, and warning text similar to that which warns that one or the other of ldaps or TLS must be used should inform the user that it is invalid to use both.
I'd like to postpone it to F14 as this requires adding a new translatable string - for the warning.
I suppose that's reasonable. It's not likely that someone will attempt to do both.
This bug appears to have been reported against 'rawhide' during the Fedora 14 development cycle.
Changing version to '14'.
More information and reason for this action is here: