TrueNAS / NAS-105492

LDAP no longer works after upgrading from 11.2-U7 to 11.3-U7


    Description

      Prior to upgrading from 11.2-U7 to 11.3-U1 I was able to ssh to my FreeNAS server as any user in my LDAP and end up in the home directory, or access SMB/CIFS shares, or type something like `cd ~cory`. Now, that is no longer possible. Running `getent passwd` only shows local users, though I don't remember running that before because, well, LDAP users worked.

      I notice in the new UI that there is an icon by the alerts icon that shows the current directory services, and that there was a warning icon beside LDAP, but any attempt to fix things results in errors on save.

      File 'Screenshot from 2020-03-21 13-39-34.png' shows what happens when I enable encrypt as either 'ON' or 'START_TLS'. With encryption set to 'OFF' the other screenshot occurs.

      Trying `ldapsearch -vvvvv -H ldap://ldap.cory.albrecht.name -x -b "dc=cory,dc=albrecht,dc=name" "(uid=cory)"` works, but `ldapsearch -vvvvv -H ldaps://ldap.cory.albrecht.name -x -b "dc=cory,dc=albrecht,dc=name" "(uid=cory)"` does not.

      If I put my CA certificate in FreeNAS's /etc/ssl and modify /etc/local/openldap/ldap.conf with TLS_CACERT, then `ldapsearch -vvvvv -H ldaps://ldap.cory.albrecht.name -x -b "dc=cory,dc=albrecht,dc=name" "(uid=cory)"` works.

      BTW, didn't SSSD used to be part of FreeNAS, to manage LDAP users? Or am I misremembering things? It doesn't seem to be there now.


              People

                awalker Andrew Walker
                Bytor Cory Albrecht
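
The description above reports that `ldaps://` lookups only worked once a CA certificate was installed and `TLS_CACERT` was set in ldap.conf. As an added example (not part of the ticket or of TrueNAS), this shell function reports which trust settings an OpenLDAP client config carries; the function names and status strings are hypothetical, and it inspects only the file it is given, not environment variables or per-user config.

```shell
#!/bin/sh
# Added example: classify the TLS trust settings of an OpenLDAP client ldap.conf.

# Print the value of one option. Names are matched case-insensitively; if an
# option is repeated, this example takes the last one (an assumption).
ldap_conf_opt() {
    awk -v want="$2" '
        /^[ \t]*#/ { next }
        toupper($1) == want && NF > 1 {
            sub(/^[ \t]*[^ \t]+[ \t]+/, "")   # drop the option name
            sub(/[ \t]+$/, "")                # drop trailing whitespace
            val = $0
        }
        END { print val }' "$1"
}

ldap_tls_trust_status() {
    conf=$1
    [ -r "$conf" ] || { echo "conf-unreadable"; return 0; }
    reqcert=$(ldap_conf_opt "$conf" TLS_REQCERT | tr 'A-Z' 'a-z')
    cacert=$(ldap_conf_opt "$conf" TLS_CACERT)
    cadir=$(ldap_conf_opt "$conf" TLS_CACERTDIR)

    # "never" and "allow" let the session proceed without a verified server cert.
    case $reqcert in
        never|allow) echo "verification-disabled"; return 0 ;;
    esac
    if [ -n "$cacert" ]; then
        if [ -r "$cacert" ]; then echo "ca-file-ok"; else echo "ca-file-missing"; fi
    elif [ -n "$cadir" ]; then
        if [ -d "$cadir" ]; then echo "ca-dir-ok"; else echo "ca-dir-missing"; fi
    else
        echo "no-trust-anchor"
    fi
}

# Constructed sample: a client config naming a CA file that does not exist yet.
demo=$(mktemp -d)
printf '%s\n' '# constructed sample' 'BASE dc=example,dc=org' \
    "tls_cacert $demo/ca.pem" > "$demo/ldap.conf"
ldap_tls_trust_status "$demo/ldap.conf"     # ca-file-missing
: > "$demo/ca.pem"
ldap_tls_trust_status "$demo/ldap.conf"     # ca-file-ok
rm -rf "$demo"
```

A result of `ca-file-ok` only means the file is readable; whether it is the CA that issued the server's certificate still has to be confirmed with an `ldaps://` query.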