Jakub Hrozek wrote:
> On Mon, Aug 13, 2012 at 09:36:44PM +0200, Michael Ströder wrote:
>> Is it possible to use SASL/EXTERNAL when connecting to a LDAP server with
>> StartTLS or LDAPS using client certs?
>>
>> In a project they have certs in all systems anyway (because of using puppet)
>> and I'd like to let the sssd instances on all the systems authenticate to
the
>> LDAP server to restrict visibility of LDAP entries by ACL. I'd like to
avoid
>> having to set/configure passwords for each system's sssd.
>>
> Not currently, there is a ticket that is tracking adding the support:
>
https://fedorahosted.org/sssd/ticket/561
Well, the years pass by...
Any chance that this is ever implemented?
Ciao, Michael.
Patches are very much welcome. This might be a good starting point: