znuny / Znuny

Znuny/Znuny LTS is a fork of the ((OTRS)) Community Edition, one of the most flexible web-based ticketing systems used for Customer Service, Help Desk, IT Service Management.
https://www.znuny.org
GNU General Public License v3.0

No STARTTLS for LDAP binding #552

Closed afleury88 closed 3 months ago

afleury88 commented 3 months ago

Hello,

This is my first time posting here and in fact it's my first time with Znuny (I was on another fork of OTRS until now), so please be indulgent :). I am trying to bind an LDAP over STARTTLS to Znuny for my agents and customer users but I can't find the way to specify the use of STARTTLS. After many days of searching I came to the conclusion that this is not an available option, but if possible I would love it to be included in the roadmap. Can anyone help me find a way until then?

Best regards

hanneshal commented 3 months ago

Hi,

Welcome to Znuny. If it is really needed on your side, it would be possible to adopt this change manually. The change needs to be applied in the Kernel/System/Auth/LDAP.pm

So a parameter would be needed to tell Znuny "Use StartTLS" and pass it to the Net::LDAP lib

https://metacpan.org/pod/Net::LDAP#start_tls

I don't think it would hurt to implement it, but - at the moment - I don't see a use "for the masses", as it would be implementing support for an older technology, which is by design not that secure. 😄

Is there really no LDAPS support on your LDAP Controller?

Regards Johannes
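
An added example, not part of the thread and not Znuny's own code: a standalone Perl script showing the Net::LDAP `start_tls` call linked above, with the check a directory login needs, namely that the bind is refused when the TLS upgrade fails. The host, CA file, bind DN and the `LDAP_BIND_PW` environment variable are hypothetical placeholders.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use Net::LDAP;

# Hypothetical settings for illustration; replace with your directory's values.
my %cfg = (
    host    => 'ldap.example.com',
    port    => 389,
    cafile  => '/etc/ssl/certs/example-ca.pem',
    bind_dn => 'cn=znuny,ou=service,dc=example,dc=com',
);

# Connect in plain text on 389, upgrade with StartTLS, and only then bind.
sub ldap_bind_starttls {
    my (%p) = @_;

    my $ldap = Net::LDAP->new( $p{host}, port => $p{port}, timeout => 10 )
        or die "connect to $p{host}:$p{port} failed: $@\n";

    # verify => 'require' makes the handshake fail unless the server
    # certificate validates against the CA in cafile.
    my $tls = $ldap->start_tls( verify => 'require', cafile => $p{cafile} );

    # start_tls returns a Net::LDAP::Message; a non-zero code means the
    # connection is still unencrypted, so stop before sending credentials.
    if ( $tls->code ) {
        $ldap->disconnect;
        die 'StartTLS failed, refusing to bind in cleartext: ' . $tls->error . "\n";
    }

    my $bind = $ldap->bind( $p{bind_dn}, password => $p{password} );
    if ( $bind->code ) {
        $ldap->disconnect;
        die 'bind failed: ' . $bind->error . "\n";
    }

    return $ldap;
}

# Run only when executed as a script, not when loaded with require.
unless (caller) {
    my $ldap = ldap_bind_starttls( %cfg, password => $ENV{LDAP_BIND_PW} // '' );
    print 'bound over TLS, cipher: ', $ldap->cipher, "\n";
    $ldap->unbind;
}
```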

afleury88 commented 3 months ago

Hello,

Thank you for your response.

I'm going to try to switch to LDAPS because I already tried the Net::LDAP lib thing and it didn't work. Moreover, I'm not a fan of changing files I'm not supposed to and which won't survive an upgrade without proper attention.

Best regards,