- Type: Bug
- Status: Open
- Priority: Minor
- Resolution: Unresolved
- Affects Version/s: 15.0.35
- Fix Version/s: None
- Component/s: Userman
- Labels: None
- Asterisk Version: 16.17.0
- Distro Version: 12.7.8-2104-1.sng7
- Distro: FreePBX Distro

Can't seem to enable TLS over port 389 without userman changing hostname to ldaps://. When defining a directory to point to MSAD with the following:
{noformat}
Secure Connection Type: Start TLS
Port: 389
{noformat}
The host should use ldap://, not ldaps://, which can be seen when running:
{noformat}
/usr/sbin/fwconsole userman --syncall --force -vvv
{noformat}
Output will show a -H option of ldaps:// even when SSL is not selected.
Issue somewhat mentioned here: ldapsearch Fails to Connect With LDAP Server With "TLS already started" Error - Red Hat Customer Portal
I think SSL/TLS are mutually exclusive, both are "non-plain text", but TLS can run over ldap://.
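
The mapping the report expects, as an added example (not part of the original report and not FreePBX code): only the SSL setting selects `ldaps://`, Start TLS keeps `ldap://` and adds `-ZZ`, and a checker flags an argument list that combines both. The function names, the fallback for any other setting, and the host `dc01.example.test` are assumptions made for illustration.

```shell
#!/bin/sh
# Added example. Setting names ("Start TLS", "SSL") come from the report;
# function names and the host dc01.example.test are hypothetical.

# ldap_uri TYPE HOST PORT: print the URI to pass to `ldapsearch -H`.
# Only "SSL" (implicit TLS) uses ldaps://; Start TLS upgrades an ldap:// session.
ldap_uri() {
    case "$1" in
        "SSL")       printf 'ldaps://%s:%s\n' "$2" "$3" ;;
        "Start TLS") printf 'ldap://%s:%s\n' "$2" "$3" ;;
        *)           printf 'ldap://%s:%s\n' "$2" "$3" ;;   # assumed: no encryption
    esac
}

# ldap_tls_flag TYPE: print -ZZ (StartTLS, fail if the upgrade fails) or nothing.
ldap_tls_flag() {
    case "$1" in
        "Start TLS") echo "-ZZ" ;;
        *)           echo "" ;;
    esac
}

# check_ldap_args ARGS...: return 1 when ldaps:// is combined with -Z/-ZZ,
# the combination behind the "TLS already started" error.
check_ldap_args() {
    cla_uri=""
    cla_starttls=0
    while [ $# -gt 0 ]; do
        case "$1" in
            -H)     [ $# -ge 2 ] || return 2
                    cla_uri=$2
                    shift ;;
            -Z|-ZZ) cla_starttls=1 ;;
        esac
        shift
    done
    case "$cla_uri" in
        ldaps://*)
            if [ "$cla_starttls" -eq 1 ]; then
                echo "conflict: $cla_uri already implies TLS; drop -Z/-ZZ or use ldap://"
                return 1
            fi ;;
    esac
    return 0
}

# The directory settings from the report, rendered as the expected arguments.
echo "ldapsearch -H $(ldap_uri 'Start TLS' dc01.example.test 389) $(ldap_tls_flag 'Start TLS')"
```

`check_ldap_args` can be pointed at the arguments shown in the `-vvv` output to confirm whether the generated `-H` value matches the selected connection type.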