mariuszkrzaczkowski
commented
7 years ago 
Closed rafamacedo closed 7 years ago
mariuszkrzaczkowski
commented
7 years ago
rafamacedo
commented
7 years ago Thanks!
xentity
commented
4 years ago Hello! I want to add the question, how the LDAPS configuration should look like? I'm not able to login with LDAP.
Our Domain Controller denies LDAP bindings over port 389 (unencrypted):
LDAPMessage bindResponse(1) strongAuthRequired (BindSimple: Transport encryption required.) <-- got this from a tcpdump
If I try this with port 636 (ldaps), I can see in the dump that YetiForce continues to send unencrypted ldap request to the encrypted server port (the consequence is a TCP Reset from the Domain Controller). The entire TLS handshake is missing.
imho, the method should be changed, if the port is 636 (ldaps) or 3269 (global catalogue TLS), ldap_connect("ldaps://host", $port) should look like this. Or a checkbox to switch between ldap:// and ldaps:// ?
I'm open for any experiments, since it is no production system so far. Only, the security level of the Domain Controller should not be lowered :-)
Hello guys
I found this feature of LDAP and went searching the Internet for its meaning. Very interesting that it does integration with both mobile and Outlook. So I decided to activate it and configure it. But I found doubts that even in the manuals I did not interpret.
How do I fill those fields in the image? Could you explain?
Thanks!