LDAPS issues
-
Anybody managed to get Veyon to connect via LDAPS either SSL or TLS? Spent a good hour playing with settings and can't figure it out. LDAPS is definitely working everywhere else
When using TLS with cert set to use our CA cert and port 636 I get
2019-12-10T15:24:18.078: [INFO] [UltraVNC] virtual BOOL vncClientThread::InitVersion() : Send protocolMsg
2019-12-10T15:24:18.078: [INFO] [UltraVNC] virtual BOOL vncClientThread::InitVersion() : Send_OK
2019-12-10T15:24:18.078: [DEBUG] ServerAuthenticationManager::performKeyAuthentication(): SUCCESS
2019-12-10T15:24:18.094: [DEBUG] [KLDAP] connection closed!
2019-12-10T15:24:18.094: [DEBUG] [KLDAP] ldap url: "ldap://hans.sch4304.internal:636"
2019-12-10T15:24:18.099: [DEBUG] [KLDAP] setting version to: 3
2019-12-10T15:24:18.099: [DEBUG] [KLDAP] setting timeout to: 0
2019-12-10T15:24:18.099: [DEBUG] [KLDAP] setting security to: 1
2019-12-10T15:24:18.121: [DEBUG] [KLDAP] start TLS
2019-12-10T15:24:18.127: [DEBUG] [KLDAP] connection closed!
2019-12-10T15:24:18.128: [WARN] LdapClient::reconnect(): LDAP connect failed: ""Change the port to 389 and it works with TLS selected albeit I don't think it is using TLS, but set the TLS cert verification to none and it fails so that tells me the cert is being read and verified correctly.
Obvious thing that stands out here is it is still attempting an ldap and not an ldaps connection
With the impending force of ldaps in January this could well be a problem for many people if it doesn't work.
Anybody else had any luck? Seems like a bug to me.
-
This is using version 4.3.1 by the way
-
Just turned on LDAPS and enforced it on our DCs. Playing with the veyon settings I have found that the following still works
LDAP server and port: DC works but Domain Name doesn't so have specified a DC. Port 389 works however 636 does not
Encryption protocol: TLS
TLS certificate verification: Custom
Custom CA certificate file: Exported CA cert in CER format, changed extension to PEM and plonked onto a shareHope this helps somebody
Hello! It looks like you're interested in this conversation, but you don't have an account yet.
Getting fed up of having to scroll through the same posts each visit? When you register for an account, you'll always come back to exactly where you were before, and choose to be notified of new replies (either via email, or push notification). You'll also be able to save bookmarks and upvote posts to show your appreciation to other community members.
With your input, this post could be even better 💗
Register Login