LDAP Configuration Succeeds, but Server is unwilling to perform

dlbetz

Cadet
Joined
Oct 12, 2021
Messages
2
Hi all,

First off, I'm not very experienced with LDAP, and I am using Univention to create and manage all my users.
This is working very well with every service except my TrueNAS. When I look at the "Directory Services Monitor", it tells me everything is fine, but at the same time it is not syncing any users or groups. Now I figured I'll have to specify somewhere which group specifically the user should have; I tried to tell the system via the IDMAP, in the URL field. It seems like the service is connected, but no users appear anywhere.
Debugging and looking through /var/log/messages, I found the following line:
Code:
failed to bind to LDAP server ldaps://url.to.univention:636: Server is unwilling to perform: SASL:[GSSAPI]: Sign or Seal are not allowed if TLS is used

I don't know what exactly this last part is telling me. I can't recall having configured TLS anywhere, only SSL (for port 636).
I already tried several configurations in the LDAP section. None worked, but I also can't set "Encryption Mode: OFF" in LDAP, since it then prevents me from saving with the error:
Code:
'str' object has no attribute '__name__'

I am a little stuck right now and would appreciate any tips at all. If I should post more debug output, I will, but I'm not sure what is required.
 

dlbetz

Cadet
Joined
Oct 12, 2021
Messages
2
Oh sorry, I can't believe I forgot that information.

Version: TrueNAS-12.0-U5.1
But I am updating to the newest version right now.
 

anodos

Sambassador
iXsystems
Joined
Mar 6, 2014
Messages
9,554
failed to bind to LDAP server ldaps://url.to.univention:636: Server is unwilling to perform: SASL:[GSSAPI]: Sign or Seal are not allowed if TLS is used


This is a message from your LDAP server, not from us. It means that you have configured Kerberos and SSL simultaneously and the remote LDAP server does not support it. The other report is a bug. Please PM me a system debug and I'll fix it.

BTW, if this is a Univention AD DC, then you must use the AD plugin and not the LDAP plugin if you need to provide SMB access.

Otherwise, you can just turn off SSL and rely on SASL protection. Try the following procedure:
1. Disable LDAP and save
2. Set SSL to OFF and save
3. Enable LDAP and save
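As an added illustration (not code from the thread, from TrueNAS or from Univention), here is a small Python check that pulls the server's reason out of a bind-failure line like the one quoted above and flags an LDAP configuration that enables both Kerberos and TLS, which is exactly the combination the server refused. The key names `ssl` and `kerberos_realm` are assumptions modelled on the LDAP form, and the sample log line is constructed from the one quoted in the thread.

```python
import re
from typing import Optional

# Shape of the failure line from /var/log/messages quoted in the thread.
# The text after "Server is unwilling to perform:" comes from the LDAP server
# and is the part that explains why the bind was refused.
BIND_FAIL_RE = re.compile(
    r"failed to bind to LDAP server (?P<uri>ldaps?://\S+?): "
    r"Server is unwilling to perform: SASL:\[(?P<mech>[A-Za-z0-9-]+)\]: (?P<reason>.+)$"
)


def parse_bind_failure(line: str) -> Optional[dict]:
    """Extract server URI, SASL mechanism and the server's reason from a bind failure.

    Returns None for lines that are not this kind of failure. The
    'tls_sign_seal_conflict' flag is set when the server reports that GSSAPI
    sign/seal was requested on top of a TLS session.
    """
    m = BIND_FAIL_RE.search(line)
    if not m:
        return None
    info = m.groupdict()
    reason = info["reason"]
    info["tls_sign_seal_conflict"] = "Sign or Seal" in reason and "TLS" in reason
    return info


def check_ldap_config(cfg: dict) -> list:
    """Flag the Kerberos + TLS combination before it reaches the server.

    Assumed keys (hypothetical names modelled on the LDAP form):
      ssl            -> "OFF", "ON" (LDAPS on 636) or "START_TLS"
      kerberos_realm -> realm name, or "" when Kerberos is not configured
    """
    findings = []
    uses_tls = cfg.get("ssl", "OFF").upper() != "OFF"
    uses_kerberos = bool(cfg.get("kerberos_realm"))
    if uses_tls and uses_kerberos:
        findings.append(
            "Kerberos (GSSAPI sign/seal) and TLS are both enabled; a server that "
            "rejects this combination will refuse the bind. Keep one of the two."
        )
    elif not uses_tls and not uses_kerberos:
        findings.append(
            "Neither TLS nor Kerberos is enabled, so a simple bind would send the "
            "bind password in clear text."
        )
    return findings


# Constructed sample line, modelled on the one quoted in the thread.
SAMPLE_LOG = (
    "Oct 12 10:00:00 truenas: failed to bind to LDAP server "
    "ldaps://url.to.univention:636: Server is unwilling to perform: "
    "SASL:[GSSAPI]: Sign or Seal are not allowed if TLS is used"
)

if __name__ == "__main__":
    print(parse_bind_failure(SAMPLE_LOG))
    print(check_ldap_config({"ssl": "ON", "kerberos_realm": "EXAMPLE.REALM"}))
    print(check_ldap_config({"ssl": "OFF", "kerberos_realm": "EXAMPLE.REALM"}))
```

The second configuration is the state the three-step procedure above leaves you in: SSL off, with the Kerberos (SASL) layer providing the integrity and confidentiality protection instead of TLS. The check reports nothing for it, reports the conflict for SSL plus Kerberos, and separately warns when neither is set, since a plain simple bind would then carry the bind password unprotected.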
 