[ltb-dev] [LDAP Tool Box - Bug #883] (Rejected) LDAP - Bind error -1 (Can't contact LDAP server)

noreply at lsc-project.org noreply at lsc-project.org
Tue Dec 20 15:13:57 CET 2016


Issue #883 has been updated by Clément OUDOT.

Status changed from New to Rejected
Target version deleted (self-service-password-?)

Hello David,

please use mailing list to ask questions if you can, it is easiest to get answers from community. Subscribe here: http://lists.ltb-project.org/listinfo/ltb-users

Try first to connect to AD in LDAP to see if is works, then try LDAPS. If it fails with LDAPS, then you have an error with your certificate.
----------------------------------------
Bug #883: LDAP - Bind error -1  (Can't contact LDAP server)
http://tools.lsc-project.org/issues/883

Author: david pereira
Status: Rejected
Priority: Normal
Assigned to: 
Category: Self Service Password
Target version: 


Hello


Have problem when i want test my config.

I receive Error message :  Erreur d'accès à l'annuaire

When i looking for the log : [:error] [pid 2869] [client 192.168.112.106:36198] LDAP - Bind error -1  (Can't contact LDAP server), referer: http://192.168.100.38/index.php

I create certificat with this document ( https://confluence.atlassian.com/crowd/configuring-an-ssl-certificate-for-microsoft-active-directory-63504388.html ).

I export the certificat to /etc/ssl and modify ldap.conf ( /etc/ldap/ldap.conf

Can you help me ? 

Regards 

David

$ldap_url = "ldaps://AD.thor.fr:636";
#$ldap_starttls = true;
$ldap_starttls = false;

$ldap_binddn = "CN=Administrateur,CN=Users,DC=thor,DC=fr";

$ldap_bindpw = "Secret";

$ldap_base = "OU=Sites,DC=thor,DC=fr";
$ldap_login_attribute = "uid";
$ldap_fullname_attribute = "cn";
#$ldap_filter = "(&(objectClass=person)($ldap_login_attribute={login}))";
$ldap_filter = "(&(objectClass=user)(sAMAccountName={login})(!(userAccountControl:1.2.840.113556.1.4.803:=2)))";

# Active Directory mode
# true: use unicodePwd as password field
# false: LDAPv3 standard behavior
#$ad_mode = false;
$ad_mode = true;
# Force account unlock when password is changed
$ad_options['force_unlock'] = false;
# Force user change password at next login
$ad_options['force_pwd_change'] = false;
# Allow user with expired password to change password
$ad_options['change_expired_password'] = false;



-- 
You have received this notification because you have either subscribed to it, or are involved in it.
To change your notification preferences, please click here: http://tools.lsc-project.org/my/account
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ltb-project.org/pipermail/ltb-dev/attachments/20161220/87e4e2e1/attachment.htm>


More information about the ltb-dev mailing list