Re: Squeeze Debian-Edu is working more and more.

To: debian-edu@lists.debian.org
Subject: Re: Squeeze Debian-Edu is working more and more.
From: Petter Reinholdtsen <pere@hungry.com>
Date: Sun, 27 Feb 2011 14:22:17 +0100
Message-id: <20110227132217.GP3372@login2.uio.no>
In-reply-to: <1298811955.2528.11.camel@i965GMx-IF>
References: <1298811955.2528.11.camel@i965GMx-IF>

[Andreas Schockenhoff]
> I run into this problem.  
> 
> ldapvi --host ldap -ZZ --bind simple --tls allow -D
> 'cn=super-admin,ou=People,dc=skole,dc=skolelinux,dc=no' 
> ldap_start_tls_s: Connect error (-11)
> additional info: TLS: hostname does not match CN in peer certificate

You need to use FQDN, ie ldap.intern as the --host parameter to avoid
this.

> The netgroup is a solution that based on IPs so it is not really
> secure.  Now we have Kerberos running is there an other solution? So
> may be we do not need the netgroups.

Netgroups are used for NFS exports, network filtering and
shutdown-at-night features.  Not all of these can be repaced by
kerberos.

Happy hacking,
-- 
Petter Reinholdtsen

Reply to:

Follow-Ups:
- Re: Squeeze Debian-Edu is working more and more.
  - From: Andreas Schockenhoff <asc@gmx.li>
- Re: Squeeze Debian-Edu is working more and more.
  - From: Mike Gabriel <mike.gabriel@das-netzwerkteam.de>

References:
- Squeeze Debian-Edu is working more and more.
  - From: Andreas Schockenhoff <asc@gmx.li>

Prev by Date: Squeeze Debian-Edu is working more and more.
Next by Date: Re: Squeeze Debian-Edu is working more and more.
Previous by thread: Squeeze Debian-Edu is working more and more.
Next by thread: Re: Squeeze Debian-Edu is working more and more.
Index(es):
- Date
- Thread