go-ldap / ldap

Basic LDAP v3 functionality for the GO programming language.

LDAP signing in Windows Server connect #347

Open xuefengyuan opened 2 years ago

xuefengyuan commented 2 years ago

During my use, I get an error when I connect to a Windows Server with LDAP signing enabled. LDAP signing config doc URL: https://docs.microsoft.com/en-us/troubleshoot/windows-server/identity/enable-ldap-signing-in-windows-server

Error info: Cannot bind: LDAP Result Code 8 "Strong Auth Required": 00002028: LdapErr: DSID-0C090256, comment: The server requires binds to turn on integrity checking if SSL\TLS are not already active on the connection, data 0, v38 39

abolinhas commented 1 year ago

+1

nodauf commented 1 year ago

If the server returns this error, you have to enable a TLS connection. On my side, I use the following code snippet:


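```go
import (
	"crypto/tls"
	"net"
	"time"

	"github.com/go-ldap/ldap/v3"
)
[...]
	// Open the TCP connection with a timeout, then wrap it in TLS.
	defaultDialer := &net.Dialer{Timeout: time.Duration(timeout * int(time.Second))}
	conn, err = defaultDialer.Dial("tcp", net.JoinHostPort(target, port))
	// InsecureSkipVerify: true disables certificate verification for this connection.
	tlsConn := tls.Client(conn, &tls.Config{InsecureSkipVerify: true})
	// The second argument tells go-ldap that the connection is already TLS.
	ldapConnection = ldap.NewConn(tlsConn, true)
	ldapConnection.Start()
```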