On 27. sep. 2017 12:24, Roger Aas wrote:

Hi,

I have the NAV webfront LDAP authentication working with a Windows AD server, but only with unencrypted traffic on port 389.

In the file /etc/nav/webfront/webfront.conf

port = 389

encryption = none

It works well with search for user in the AD tree and group requirement.

But if I change encryption to tls, or port to 636 and encryption to ssl, then it fails.

Does anyone have this working? If yes, what did you have to do to get it to work?

I cannot use it as it is, as both the user account used for binding to the server and the user trying to authenticate have their passwords in cleartext in the packets.

Hi,

We use port = 389 and encryption = tls on our server. This works fine. My guess is that you have some issue with certificate validation.

Best regards,

Sigmund
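
Added example (not part of either message above and not NAV code): a standard-library Python probe that performs the same handshake the two configurations in this thread imply, StartTLS on port 389 or implicit TLS on port 636, and reports the certificate validation error if there is one. Assumptions: `encryption = tls` means StartTLS and `encryption = ssl` means LDAPS; the function names and the host `dc.example.org` are hypothetical; the probe validates against Python's default trust store (or the CA file you pass), which may differ from the one NAV's LDAP library consults.

```python
import socket
import ssl
import sys

STARTTLS_OID = b"1.3.6.1.4.1.1466.20037"  # LDAP StartTLS extended operation (RFC 4511)

def starttls_request(msg_id=1):
    """BER-encode an LDAP ExtendedRequest asking the server to start TLS."""
    name = bytes([0x80, len(STARTTLS_OID)]) + STARTTLS_OID  # [0] requestName
    op = bytes([0x77, len(name)]) + name                    # [APPLICATION 23]
    body = bytes([0x02, 0x01, msg_id]) + op                 # messageID + op
    return bytes([0x30, len(body)]) + body                  # LDAPMessage SEQUENCE

def _tlv(buf, pos):
    """Read one BER element at pos; handles short and long-form lengths."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, buf[pos:pos + length], pos + length

def result_code(response):
    """Return the resultCode of an ExtendedResponse (0 means success)."""
    _, msg, _ = _tlv(response, 0)        # LDAPMessage SEQUENCE
    _, _, pos = _tlv(msg, 0)             # skip messageID
    tag, op, _ = _tlv(msg, pos)
    if tag != 0x78:                      # [APPLICATION 24] ExtendedResponse
        raise ValueError("not an ExtendedResponse")
    return _tlv(op, 0)[1][0]             # first field: ENUMERATED resultCode

def probe(host, port, encryption, cafile=None):
    """Handshake as the given port/encryption pair implies; return a verdict."""
    ctx = ssl.create_default_context(cafile=cafile)  # verifies chain and hostname
    try:
        with socket.create_connection((host, port), timeout=10) as sock:
            if encryption == "tls":      # StartTLS upgrade on the plain port
                sock.sendall(starttls_request())
                code = result_code(sock.recv(4096))
                if code != 0:
                    return f"StartTLS refused, resultCode {code}"
            with ctx.wrap_socket(sock, server_hostname=host) as tls:
                return f"OK, {tls.version()}, certificate verified"
    except ssl.SSLCertVerificationError as err:
        return f"certificate validation failed: {err.verify_message}"
    except (OSError, ValueError, IndexError) as err:
        return f"probe failed: {err}"

if __name__ == "__main__":               # e.g. probe.py dc.example.org 389 tls
    host, port, enc = sys.argv[1], int(sys.argv[2]), sys.argv[3]
    print(probe(host, port, enc, sys.argv[4] if len(sys.argv) > 4 else None))
```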