Bug #5414
LDAP + TLS is not LDAP + TLS but LDAP + SSL
Description
Hi,
Today I configured our OpenLDAP server as a login source for foreman.
I checked the TLS checkbox, and found out it wasn't working. Without it, all was working fine.
There was an SSL error: The problem was solved by changing the port to 636 instead of 389.
In fact the LDAP auth backend doesn't use TLS, but SSL (aka LDAPS) and not LDAP+TLS (the Ruby net/ldap module does not seem to support real TLS: http://net-ldap.rubyforge.org/Net/LDAP.html#method-i-encryption).
I think that the label should be changed to "SSL" or "LDAPS", or perhaps you should use the ldap:// / ldaps:// syntax to be clearer?
No big deal, of course, but it could save some time for users who will check their config several times before understanding the problem.
Best regards,
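
The failure described in this report, as an added example that is not part of the original report or of Foreman's code: a stdlib-only Ruby probe that starts a TLS handshake as the first bytes on the connection (the LDAPS behaviour), run against two constructed loopback listeners standing in for a cleartext-first port such as 389 and a TLS-first port such as 636. The names test_cert, start_listener and implicit_tls? and the listeners themselves are assumptions made for illustration.

```ruby
require 'socket'
require 'openssl'

# Constructed self-signed certificate for the loopback test listener only.
def test_cert
  key = OpenSSL::PKey::RSA.new(2048)
  cert = OpenSSL::X509::Certificate.new
  cert.version, cert.serial = 2, 1
  cert.subject = cert.issuer = OpenSSL::X509::Name.parse('/CN=localhost')
  cert.public_key = key.public_key
  cert.not_before, cert.not_after = Time.now - 60, Time.now + 3600
  cert.sign(key, OpenSSL::Digest.new('SHA256'))
  [cert, key]
end

# Hypothetical loopback listener; returns the port it was given.
# tls: true  -> TLS from the first byte (LDAPS-style, as on port 636)
# tls: false -> cleartext first (plain LDAP-style, as on port 389)
def start_listener(tls:)
  tcp = TCPServer.new('127.0.0.1', 0)
  server = tcp
  if tls
    ctx = OpenSSL::SSL::SSLContext.new
    ctx.cert, ctx.key = test_cert
    server = OpenSSL::SSL::SSLServer.new(tcp, ctx)
  end
  Thread.new do
    loop do
      client = server.accept
      # Constructed cleartext bytes: not a valid TLS record header.
      client.write("\x30\x0c\x02\x01\x01") unless tls
      client.close
    rescue StandardError
      # Failed handshake or reset connection: keep listening.
    end
  end
  tcp.addr[1]
end

# True only if the listener completes a TLS handshake started immediately
# after connect. A cleartext-first listener makes the handshake fail, which
# is the "SSL error" seen when the checkbox is combined with port 389.
def implicit_tls?(host, port)
  tcp = TCPSocket.new(host, port)
  ctx = OpenSSL::SSL::SSLContext.new
  ctx.verify_mode = OpenSSL::SSL::VERIFY_NONE # probe only, never for real binds
  OpenSSL::SSL::SSLSocket.new(tcp, ctx).connect
  true
rescue OpenSSL::SSL::SSLError, SystemCallError, EOFError
  false
ensure
  tcp&.close
end
```

Calling implicit_tls? with a directory server's host and port before saving the LDAP source shows whether the chosen port matches the encryption mode the checkbox actually enables.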
Related issues
Associated revisions
History
#1
Updated by Ori Rabin almost 8 years ago
- Assignee set to Ori Rabin
#2
Updated by Ohad Levy almost 8 years ago
- Target version set to 1.8.1
- Legacy Backlogs Release (now unused) set to 10
#3
Updated by Dominic Cleal almost 8 years ago
- Status changed from New to Ready For Testing
#4
Updated by Ori Rabin almost 8 years ago
- Status changed from Ready For Testing to Closed
- % Done changed from 0 to 100
Applied in changeset 42163f861cfa9c5446abbe5d53035365085e441d.
#5
Updated by Dominic Cleal almost 8 years ago
- Related to Bug #7003: Unable to connect to AD through ldap login module added
fixes #5414: LDAP + TLS is not LDAP + TLS but LDAP + SSL and changed port automatically on check