Answering my own questions: It doesn't work. The plugin uses ldapts which requires an explicit call to startTLS(). Since there's no explicit call to that method that I can find, it seems likely that this just isn't supported.
F
franc6
@franc6
0
Reputation
2
Posts
1
Profile views
0
Followers
0
Following
Best posts made by franc6
This user hasn't posted anything yet.
Latest posts made by franc6
-
RE: LDAP Plugin with start_tlsposted in Xen Orchestra
-
LDAP Plugin with start_tlsposted in Xen Orchestra
I'm trying to configure the ldap plugin to authenticate against my LDAP server (openldap 2.4), but running a test returns an error from the server which I believe indicates it's not using TLS, which my server requires. It's not using LDAP over an SSL tunnel (ldaps); but the server is configured to require TLS. For most of my unix clients, that means adding "ssl start_tls" to the relevant ldap.conf file. I also set the location of the certificateAuthorities. IIUC, that should be the name of a file on the system which contains the root certificate of the certificate used by the LDAP server.
The error in the log is:
confidentiality required Code: 0xdAny idea how I can confirm if I've correctly identified the problem, and if so how to configure it properly?
Thanks!