Not logged in. · Lost password · Register

All posts by myr@htw (4)

topic: [solved] authldap with ldaps  in the forum: General Help and Support Features and Functionality
Avatar
myr@htw #1
Member since Oct 2018 · 4 posts · Location: Saarbrücken
Group memberships: Members
Show profile · Link to this post
My problem is solved:
I updated the operating system (CentOS 7) - yum update -
and now everything works fine ! Don't know why ......
topic: How to authenticate 2 groups of users LDAP in dowukiwi?  in the forum: General Help and Support Installation and Configuration
Avatar
myr@htw #2
Member since Oct 2018 · 4 posts · Location: Saarbrücken
Group memberships: Members
Show profile · Link to this post
In reply to post ID 61359
Hello,

you define the privileges for the groups at the Admin page,
topic ACLs.

Here you add the goups with the desired privileges.
Please note the correct order:
At first @ALL --> None   (if appropriate)
then the groupe with the highest privileges
then the group with less privileges

Hope that helps!
topic: [solved] authldap with ldaps  in the forum: General Help and Support Features and Functionality
Avatar
myr@htw #3
Member since Oct 2018 · 4 posts · Location: Saarbrücken
Group memberships: Members
Show profile · Link to this post
In reply to post ID 63024
Hello,

is there nobody having a tip for me?

Margit
topic: [solved] authldap with ldaps  in the forum: General Help and Support Features and Functionality
Avatar
myr@htw #4
Member since Oct 2018 · 4 posts · Location: Saarbrücken
Group memberships: Members
Show profile · Link to this post
Subject: [solved] authldap with ldaps
Hello,

I'd like to authenticate over ldaps (ldap over ssl, not starttls).
In local.php I have set our ldap server with the ssl port 636

When I try to login the following error occurs:

 LDAP: couldn't connect to LDAP server
Benutzername oder Passwort sind falsch.

In /etc/openldap/ldap.conf I have set the following parameters:

BASE ou=......
URI ldaps://<ourldapserver>:636/

TLS_CACERTDIR   /etc/openldap/cacerts
TLS_CACERT      /etc/openldap/cacerts/CAcert.pem
TLS_REQCERT     never

When sniffing with wireshark I see the error

TLSv1.2 Alert (Level: Fatal, Description: Unknown CA)


Dokuwiki authentication works fine with ldap (without ssl).

LDAPS authentication works fine with our ldap server(s) for many other services with the same certificate.

What can be wrong?

Regards
Margit
This post was edited on 2018-10-30, 08:10 by myr@htw.
Close Smaller – Larger + Reply to this post:
Special characters:
Special queries
Go to forum
Imprint
This board is powered by the Unclassified NewsBoard software, 20150713-dev, © 2003-2015 by Yves Goergen
Current time: 2019-07-23, 14:01:52 (UTC +02:00)