Re: Squeeze Debian-Edu is working more and more.
[Andreas Schockenhoff]
> I run into this problem.
>
> ldapvi --host ldap -ZZ --bind simple --tls allow -D
> 'cn=super-admin,ou=People,dc=skole,dc=skolelinux,dc=no'
> ldap_start_tls_s: Connect error (-11)
> additional info: TLS: hostname does not match CN in peer certificate
You need to use FQDN, ie ldap.intern as the --host parameter to avoid
this.
> The netgroup is a solution that based on IPs so it is not really
> secure. Now we have Kerberos running is there an other solution? So
> may be we do not need the netgroups.
Netgroups are used for NFS exports, network filtering and
shutdown-at-night features. Not all of these can be repaced by
kerberos.
Happy hacking,
--
Petter Reinholdtsen
Reply to: