Sundeep Singh Nanuwa skrev den 2015-09-04 16:11:
I want configure LDAP address book lookup, I have added the relevant info in main.inc.php using ldaps port 636 but I get the following error Sep 3 11:29:49 slapd[24950]: conn=22120 fd=19 closed (TLS negotiation failure)
ldap support tls
does this work in thunderbird ?
but it can aswell be ldap auth login not working ? just check tls fails first
tls fails
so ldap support tls ?
ldap_start_tls(): Unable to start TLS: Can't contact LDAP server
is ldaps port 636 ?
yes
so roundcube need to use STARTTLS just like it should with submission ?
or is it LDAPS before content is sent ?
possible ldaps need same ssl fixes just like imaps/smtps with verify peer certs ?
does it work if using ldap port ? does your ldap server supports both ?
yes
good
sadly i have more questions here, would like to know how to make thunderbird ldap work aswell for addressbooks, mozilla is not very helpfull there :/
I have address book working in Thunderbird using my ldap host and port 636.
Does the ldap server need to be localhost for it to work with roundcube server?
possible to get a mozilla link for the ldif setup or a copy from you that works from thunderbird ?, i have tryed to get it from mozilla, but still not found any info on it :(
for localhost i just say ssl/tls does not prevent data leaks since trafic is local, so all in all, use ssl/tls if outside of roundcube and openldap servere connections is used, same goes for thunderbird
just one thing left is that localhost can still be tcppdumped from unix users if its not socket with /path/to/socket eg inet socket is more unsecure if there is login users
hopefully i am right in that point