Performing certificate verification when establishing TLS OpenLDAP connections
The policy defines the mode of certificate verification when installing TLS of connections OpenLDAP
Default — Only establish a connection with the correct certificate
Never — Do not perform any checks
Allow — Establish a connection even if there is no or incorrect certificate
Try — Establish a connection if there is no or with a valid certificate
Demand — Only establish a connection with the correct certificate
Supported on: At least ALT Platform 9
Select an operating mode:
- Default
Registry Hive HKEY_LOCAL_MACHINE Registry Path Software\BaseALT\Policies\Control Value Name ldap-tls-cert-check Value Type REG_SZ Value default - Never
Registry Hive HKEY_LOCAL_MACHINE Registry Path Software\BaseALT\Policies\Control Value Name ldap-tls-cert-check Value Type REG_SZ Value never - Allow
Registry Hive HKEY_LOCAL_MACHINE Registry Path Software\BaseALT\Policies\Control Value Name ldap-tls-cert-check Value Type REG_SZ Value allow - Try
Registry Hive HKEY_LOCAL_MACHINE Registry Path Software\BaseALT\Policies\Control Value Name ldap-tls-cert-check Value Type REG_SZ Value try - Demand
Registry Hive HKEY_LOCAL_MACHINE Registry Path Software\BaseALT\Policies\Control Value Name ldap-tls-cert-check Value Type REG_SZ Value demand
basealtcontrol.admx
- ALT System
- CD/DVD Applications
- Graphics
- Group Policies
- GPUpdate Mechanisms
- Chromium browser
- Control system facilities
- Firefox browser
- Firewall configuration support
- GSettings configuration
- GSettings mechanisms for users
- Install and remove for users
- Install and remove packages
- Local folders control
- Local folders control for users
- Network drives mounting for users
- NTP configuration support
- PolicyKit authorization
- PolicyKit authorization for users
- Printer settings
- Printer settings for users
- Shortcuts control
- Shortcuts control for users
- Systemd services
- Experimental Group Policies
- Windows keys mapping for ALT Group Policies
- GPUpdate Mechanisms
- Mate settings
- Desktop background
- Screensaver
- User restrictions
- Mounting
- Network Applications
- Packages control
- Security
- Authentication method
- Create individual temporary directories for users
- Execution of command /usr/bin/chfn
- Execution of program /usr/bin/chage
- Execution of program /usr/bin/gpasswd
- Execution of program /usr/bin/groupmems
- Manage password complexity checks
- Managing passwords with passwd
- Passing the parent environment to sudo
- Permissions for /bin/su
- Permissions for /usr/bin/newgrp
- Permissions for /usr/bin/sudo
- Permissions for /usr/bin/sudoreplay
- Permissions for /usr/bin/write
- Permissions for /usr/lib/chkpwd/tcb_chkpwd
- Permission to use /usr/bin/chsh
- Permission to use /usr/sbin/hddtemp
- Permission to use consolehelper
- Request sudo password for users of the «wheel» group
- Services
- SSHD
- SSSD
- Access rights and behavior of the job queue /usr/bin/at
- Accounts Service (accounts-daemon)
- ACPI Event Daemon
- Alterator backend
- Alterator Web frontend server
- Authorization Manager
- Avahi mDNS/DNS-SD Stack
- Chronyd (NTP Service)
- Chrony NTP daemon mode
- Console Mouse manager
- Cpufreq-simple service
- Crond Service
- CUPS mode
- CUPS Scheduler
- D-Bus System Message Bus
- Daemon Upower
- DNS Server BIND
- Enabling Allowed Groups for SSH Remote Access
- Graphical display manager (lihgtdm)
- GSS API authorization support on SSH client
- GSS API authorization support on sshd server
- Kerberos 5 KDC
- Modem Manager
- Name Service Cache Daemon
- Naming services LDAP client daemon
- Network Connectivity Service
- Network Manager
- Network Manager Wait Online
- Password authorization support on sshd server
- PC/SC Smart Card Daemon
- Performing certificate verification when establishing TLS OpenLDAP connections
- Permissions for /usr/bin/postqueue
- Permission to use crontab
- Postfix Mail Transport Agent
- Postfix MTA operating mode
- Reverse DNS lookup on OpenLDAP queries
- Rpcbind operating mode
- RPC bind Service
- Samba NMB Daemon
- Samba SMB Daemon
- Samba Winbind Daemon
- Secure shell daemon (sshd)
- Security Auditing Service
- Service colord
- Service Dnsmasq
- SFTP support on OpenSSH server
- Systemd Unit kmod-static-nodes
- System module oddjobd
- SYSV: Smartcard Terminal Tnterface
- Сonsolesaver Service SYSV
- Virtualization
- ALT System
- Mate settings
- Desktop background
- Screensaver
- User restrictions
- Mate settings