• Our AD doesn’t seem to support TLS, so in order to have LDAP traffic secured, ldaps on port 636 is the only way to go. I tried tricks mentioned in the FAQs, such as using the ldaps:// prefix, but the connection still failed. Not much of a clue is given by the test tool.
    My hunch is that AD usually uses a self-signed SSL cert so WP/PHP doesn’t trust it. Is there any way to ignore SSL verification, especially trusted root CA?
    Other diagnostic tips are appreciated.

    https://www.ads-software.com/extend/plugins/active-directory-integration/

Viewing 5 replies - 1 through 5 (of 5 total)
  • Thread Starter fredwen

    (@fredwen)

    I figured out the solution myself!
    For Version 1.1.4 of this plug-in, on line 420 of file ad_ldap\adLDAP.php in function connect(), add the following line:
    ldap_set_option($this->_conn, LDAP_OPT_REFERRALS, 0);

    I tried this, but ldaps is still failing. Any other clue?

    WP version 3.5.1

    Can somebody help? Only port 389 WITHOUT TLS is working. Port 389 with TLS and LDAPS with port 636 are failing.

    Thread Starter fredwen

    (@fredwen)

    If you are on Windows,
    1. create C:\OpenLDAP\sysconf\ldap.conf (Yes, it MUST be this path because it’s hard-coded in the dll)
    2. put this line at the top:
    TLS_REQCERT never
    3. Save, stop/start Apache.

    See https://php.net/manual/en/function.ldap-bind.php for other clues.

    fredwen’s solution worked for me on Linux, just edit /etc/openldap/ldap.conf and add
    TLS_REQCERT never
    to the bottom and restart Apache.
    Which I guess is the first FAQ so, uh, you probably already know that…

  • The topic ‘ldaps failed’ is closed to new replies.
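
For the diagnostic question raised in this thread, an added example (not part of any post above and not the plugin's code): a standalone PHP CLI check that keeps certificate verification on and trusts the CA that issued the domain controller's certificate, which is the alternative to TLS_REQCERT never (that setting makes the client skip all server certificate checks). The hostname and CA file path are placeholders, and the script assumes PHP 7.1 or later with the ldap extension.

```php
<?php
// Added diagnostic example. Run from the command line: php ldaps_check.php
// Placeholders (assumptions): the DC hostname and the CA certificate path.
$uri    = 'ldaps://dc01.example.internal:636';
$caFile = '/etc/openldap/certs/ad-root-ca.pem'; // PEM export of the CA that signed the DC certificate

if (!extension_loaded('ldap')) {
    fwrite(STDERR, "PHP ldap extension is not loaded\n");
    exit(2);
}
if (!is_readable($caFile)) {
    fwrite(STDERR, "CA file is not readable by this user: $caFile\n");
    exit(2);
}

// Set TLS options on the null (global) handle before ldap_connect(),
// which is where libldap reliably picks them up.
ldap_set_option(null, LDAP_OPT_DEBUG_LEVEL, 7); // libldap trace is written to stderr
ldap_set_option(null, LDAP_OPT_X_TLS_CACERTFILE, $caFile);
ldap_set_option(null, LDAP_OPT_X_TLS_REQUIRE_CERT, LDAP_OPT_X_TLS_DEMAND);

$conn = ldap_connect($uri);
if ($conn === false) {
    fwrite(STDERR, "Could not parse LDAP URI: $uri\n");
    exit(2);
}
ldap_set_option($conn, LDAP_OPT_PROTOCOL_VERSION, 3);
ldap_set_option($conn, LDAP_OPT_REFERRALS, 0);
ldap_set_option($conn, LDAP_OPT_NETWORK_TIMEOUT, 5);

// ldap_connect() only parses the URI. The TCP connection and TLS handshake
// happen on the first operation, so an anonymous bind is used to trigger them.
if (@ldap_bind($conn)) {
    echo "OK: TLS handshake and certificate verification succeeded\n";
    exit(0);
}

$errno  = ldap_errno($conn);
$detail = '';
ldap_get_option($conn, LDAP_OPT_DIAGNOSTIC_MESSAGE, $detail);

if ($errno === -1) {
    // -1 (server down) covers unreachable host, blocked port and failed TLS verification.
    printf("FAIL: connection or TLS error: %s %s\n", ldap_error($conn), $detail);
    exit(1);
}
// Any other code means the TLS session was established and the server answered.
printf("TLS OK, bind rejected (%d): %s %s\n", $errno, ldap_error($conn), $detail);
exit(0);
```

Once this check passes, the same CA file can be referenced with a TLS_CACERT line in the ldap.conf files named in the replies above, in place of TLS_REQCERT never.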