Hello Folks!
I face problem with latest usermin, it seems like it do not support OpenLDAP TLS.
We lock down the users ability to change source address, for that we uses the User From addresses lookup in LDAP.
Using OpenLDAP without TLS, in Centos 6, with pam_ldap and all that works perfectly. I can not see anywhere how to enable TLS, and add keys/certificates etc.
As usual I have tried to add port 636, and ldaps in front of server name and also :389 :636 after the address, still same result. Here is what /var/usermin/miniserv.error says:
Error: Failed to bind to LDAP server lina.ing-steen.se as : TLS confidentiality required
The same text arrives also on webpage after logging in usermin.
Disabling the requirement LDAP, and allowing user to change source email address, and all works normally again, but that we do not want.
Please see the picture attached, the exact same settings works in Centos6 using less secure OpenLdap without TLS.
Comments
Submitted by JamieCameron on Mon, 11/17/2014 - 21:37 Comment #1
So you should be able to enable use of TLS for the LDAP connection by adding the line
ldap_tls=1to/etc/usermin/mailbox/config. Due to a bug this option doesn't appear in the UI where you can configure the LDAP server, but it can still be set by manually editing the config file.Submitted by steen on Tue, 11/18/2014 - 11:48 Comment #2
Hello Jame!
it worked like a charm!
Thousands thanks for all support, it was excellent!
Now we have achieved full openldap integration using ssl/tls certificates and so on.
Submitted by JamieCameron on Tue, 11/18/2014 - 18:57 Comment #3
Great!
Submitted by Issues on Tue, 12/02/2014 - 19:00 Comment #4
Automatically closed -- issue fixed for 2 weeks with no activity.