--On Friday, February 14, 2025 7:01 AM +0000 "Windl, Ulrich" <[email protected]> wrote:
Can you explain the intentions for " olcRemoteAuthTLS: starttls=yes tls_reqcert=never"? Starting TLS without a certificate? Do you expect encryption then?
Just means it doesn't check the cert for validity AFAIK. AD often uses its own cert system so the end client may not be aware of the CA chain for the provided cert on the AD server.
--Quanah
