LDAP with SSL (MS Server 2016)

kotte

Re: LDAPS issues

Hi,

we try to use the LDAP integration with SSL, but we could't manage to get a connection over 636. Without SSL on port 389 everything works fine...

Unfortunately we are out of ideas. Found the topic "ldaps-issues" but there are no applicable solution too... Does anyone have an idea?

Thanks for helping!

Regards
Tim

kotte

Other Services like McAfee are already using LDAP with SSL and all working fine in our environment... Only Veyon won't start to work with SSL over Port 636.
Microsoft will remove non secure access to the AD mid of this year. So without SSL or TLS the LDAP access from Veyon will stop working.

fred

Hello
I am also looking for a solution for past the connection to AD in SSL / TLS without success for the moment ...
I found an answer here:
http://www.edugeek.net/forums/network-classroom-management/211999-veyon-ldaps-not-working.html
but I can't put it to work ...
I am with 4 AD controllers (2 * 2008R2 and 2 * 2012R2) and soon the 2008R2 will be replaced by 2019
Fred

tobydox

Have you exported the CA certificate of your domain and configured Veyon to use it? Does the access work when setting "TLS certificate verification" to "Never"? Also make sure to use the correct hostname so the actual server certificate matches the server address Veyon connects to.

tobydox

Nevermind, there's a problem in the LDAP subsystem causing certificate settings not being applied properly when using SSL/LDAPS. TLS should work fine though. We're working on a fix for the next release.