[Bug 1159770] Re: debconf configuration for SSL/TLS is missing in ldap-auth-config

Daniel T Chen seven.steps at gmail.com
Tue Mar 26 15:35:02 UTC 2013


** Changed in: ldap-auth-client (Ubuntu)
   Importance: Undecided => Wishlist

** Changed in: ldap-auth-client (Ubuntu)
       Status: New => Triaged

-- 
You received this bug notification because you are a member of Ubuntu
Sponsors Team, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1159770

Title:
  debconf configuration for SSL/TLS is missing in ldap-auth-config

Status in “ldap-auth-client” package in Ubuntu:
  Triaged

Bug description:
  The file /etc/ldap.conf contains the settings for LDAP authentication.
  The recommended way of configuring this file and LDAP authentication,
  is through debconf.  However, there is no way to specify whether TLS
  or SSL must be used for LDAP authentication, and without this setting,
  the user passwords will be sent in cleartext over the network.

  Release: Ubuntu 12.04.2 LTS
  Version: ldap-auth-config: Installed: 0.5.3

  Expected: To be able to set up secure LDAP authentication through
  debconf

  Instead: Configuring that TLS or SSL is required, is not possible.
  This also means that it cannot be preseeded during automated installs.

  To enable TLS or SSL, the /etc/ldap.conf must contain "ssl start_tls'
  or 'ssl on' as appropriate. These are available already in the file,
  but currently commented out. These can be failry easily brought under
  debconf control, would only require a new question in
  control/Templates, and code in control/postinst.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ldap-auth-client/+bug/1159770/+subscriptions



More information about the Ubuntu-sponsors mailing list