Right, we have to put it to systemd and make a nethservice out of it or be lazy and put the line to /etc/rc.local…
Agree, it’s not mandatory.
For AD account provider I had to add the “ldap server require strong auth = no” to /var/lib/machines/nsdc/etc/samba/smb.conf, didn’t try TLS. I set auth.require-approval to false in web UI.
LDAP Hostname: ldap://ad.domain.local
LDAP Port: 389
Base Distinguished Name: cn=Users,dc=AD,dc=DOMAIN,dc=LOCAL
Search Attributes: cn
Username Attribute: cn
Realname Attributes: displayName
ActiveDirectory Domain: ad.domain.local
After switching to LDAP account provider, I couldn’t login as admin anymore but AD users working so I had to recover the admin:
/var/lib/nethserver/vhost/phab/phabricator/bin/auth recover admin