I just wanted to see if ldap/ad ssl is encrypted.
I pressed the start ssl button.
then came the following message:
“Check failed: Start TLS conflicts with ‘ldaps://’ URI scheme”
I took the button out and left everything as it was.
actually nothing would have happened only stupidly I have pressed afterwards on the button “edit” and thus confirmed my old dc with the same settings.
now nethserver worked for a while and reinitialized the dc. (actually i just wanted to check the settings and not change anything, my mistake)
Now here’s my problem:
so that no more contacts are synchronized. the rest seems to work. only activ sync sogo contacts on my mobile devices doesnt work.
log say:
sogo:
sssd: tkey query failed: GSSAPI error: Major = Unspecified GSS failure. Minor code may provide more information, Minor = Server not found in Kerberos database.
messages:
NAME:LDAPException REASON:operation bind failed: Invalid credentials (0x31) INFO:{“error_code” = 49; login = “samaccountname=usernamer,dc=ad,dc=domain,dc=com”; }
ERROR(-[NGLdapSearchResultEnumerator nextObject]): does not support result references yet
journalctl -u nsdc find 3 error:
Nov 04 17:33:21 nethserver.tlddomain.com systemd-nspawn[2876]: Failed to create directory /var/lib/machines/nsdc//sys/fs/selinux: Read-only file system
Nov 04 17:33:21 nethserver.tlddomain.com systemd-nspawn[2876]: Failed to create directory /var/lib/machines/nsdc//sys/fs/selinux: Read-only file system
Nov 04 17:33:22 nethserver.tlddomain.com systemd-nspawn[2876]: Cannot add dependency job for unit display-manager.service, ignoring: Unit not found.
in the forum i found similar error messages and small how to fixes. unfortunately none of them helped.
how can fix it ?
the modern webgui say users_groups.StartTls false is that right ?