summaryrefslogtreecommitdiffstats
path: root/src/libtdeldap.cpp
diff options
context:
space:
mode:
Diffstat (limited to 'src/libtdeldap.cpp')
-rw-r--r--src/libtdeldap.cpp9
1 files changed, 7 insertions, 2 deletions
diff --git a/src/libtdeldap.cpp b/src/libtdeldap.cpp
index a416db0..8cf4bdd 100644
--- a/src/libtdeldap.cpp
+++ b/src/libtdeldap.cpp
@@ -2772,7 +2772,7 @@ int LDAPManager::moveKerberosEntries(TQString newSuffix, TQString* errstr) {
return -1;
}
-int LDAPManager::writeLDAPConfFile(LDAPRealmConfig realmcfg, TQString *errstr) {
+int LDAPManager::writeLDAPConfFile(LDAPRealmConfig realmcfg, LDAPMachineRole machineRole, TQString *errstr) {
KSimpleConfig* systemconfig;
TQString m_defaultRealm;
int m_ldapVersion;
@@ -2812,7 +2812,12 @@ int LDAPManager::writeLDAPConfFile(LDAPRealmConfig realmcfg, TQString *errstr) {
stream << "bind_policy " << m_bindPolicy.lower() << "\n";
stream << "pam_password " << m_passwordHash.lower() << "\n";
stream << "nss_initgroups_ignoreusers " << m_ignoredUsers << "\n";
- stream << "tls_cacert " << KERBEROS_PKI_PUBLICDIR << realmcfg.admin_server << ".ldap.crt\n";
+ if (machineRole == ROLE_WORKSTATION) {
+ stream << "tls_cacert " << KERBEROS_PKI_PUBLICDIR << realmcfg.admin_server << ".ldap.crt\n";
+ }
+ else {
+ stream << "tls_cacert " << KERBEROS_PKI_PEM_FILE << "\n";
+ }
}
file.close();
generated by cgit v1.2.1 (git 2.18.0) at 2025-02-09 00:49:04 +0000