
Secure LDAP client install fails

Question asked by Rodney Broder on Feb 17, 2020

Sorry if this is not the correct forum. I am running Sugar Professional on premises on Ubuntu 18 Linux. I am currently using LDAP to authenticate back to our Windows Active Directory Domain Controller. This works fine. Now I want to use Secure LDAP on port 636 for authentication. Sugar says just change the port number in the Admin console. Well, that doesn't work.

I am running OpenSSL 1.1.1d on the Sugar machine.  I have an issuing CA certificate made with OpenSSL.  I copied the exported file from the DC to the /etc/ssl/certs folder.  I have modified the /etc/ldap/ldap.conf file with:

# TLS certificates (needed for GnuTLS)
#TLS_CACERT /etc/ssl/certs/ca-certificates.crt.  --- I commented this out. Don't know what that will hurt.
TLS_CACERT /etc/ssl/certs/cert.pem
URI ldap://SERVER.COMPANY.COM:636/. --  also tried URI ldaps://SERVER.COMPANY.COM/
TLS_REQCERT allow

 

Still no success. Anyone done this before? Any suggestions? I know the DC is working because I have a Windows server running Wampserver 2.2 and I made it work by, in part, modifying custom PHP code.
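An added example, not part of the original question and not SugarCRM or OpenLDAP code: a small checker for the ldap.conf directives quoted in the post. It assumes the behaviour documented in ldap.conf(5) (only lines starting with '#' are comments, and TLS_REQCERT allow lets a session continue after a bad server certificate); the function names and the sample text are constructed for illustration.

```python
import re

# Constructed sample: the directives from the post, using its first URI variant.
SAMPLE_CONF = """\
# TLS certificates (needed for GnuTLS)
#TLS_CACERT /etc/ssl/certs/ca-certificates.crt
TLS_CACERT /etc/ssl/certs/cert.pem
URI ldap://SERVER.COMPANY.COM:636/
TLS_REQCERT allow
"""

URI_RE = re.compile(r"^(ldaps?|ldapi)://(\[[^\]]+\]|[^/:]*)(?::(\d+))?/?$", re.I)

def parse_ldap_conf(text):
    """Return {OPTION: value}. Blank lines and lines starting with '#' are
    skipped; everything after the option name is the value (no inline comments)."""
    opts = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 1)
        if len(parts) == 2:
            opts[parts[0].upper()] = parts[1].strip()
    return opts

def lint_ldaps(text):
    """Return a list of findings that affect LDAPS (implicit TLS on port 636)."""
    opts = parse_ldap_conf(text)
    findings = []
    for uri in opts.get("URI", "").split():  # URI takes a space-separated list
        m = URI_RE.match(uri)
        if not m:
            findings.append(f"URI: '{uri}' is not an LDAP URI; trailing notes are read as servers")
        elif m.group(1).lower() == "ldap" and m.group(3) == "636":
            findings.append("URI: ldap:// on port 636 speaks plaintext LDAP to a TLS port; use ldaps://")
    reqcert = opts.get("TLS_REQCERT", "demand").lower()  # demand is the default
    if reqcert in ("never", "allow"):
        findings.append(f"TLS_REQCERT {reqcert}: a bad server certificate does not stop the session")
    if "TLS_CACERT" not in opts and "TLS_CACERTDIR" not in opts:
        findings.append("no TLS_CACERT or TLS_CACERTDIR: no trust anchor for the DC certificate")
    return findings

if __name__ == "__main__":
    for finding in lint_ldaps(SAMPLE_CONF):
        print(finding)
```

The checker only inspects the file's text; it does not confirm that /etc/ssl/certs/cert.pem is PEM-encoded or that it is the CA that issued the domain controller's certificate.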
