Connecting to LDAP server without TLS #15
Comments
Hi @jbperrin88, what is the LDAP connection string you are using? Is it
Woooo, such a rapid answer. I'm impressed... This is my configuration:
I've even tried to set the port in the connection string LDAP_SERVER: "ldap://XXX:389"
@jbperrin88 thanks, I'll give it a look, a TLS connection shall not be initiated when ldap scheme shall not be triggering TLS start: https://github.com/pinepain/ldap-auth-proxy/blob/master/ldap.go#L50
So, I tried without the scheme in the URL. Same error message. The log says: cannot StartTLS. Is the 'StartTLS' option set by default? (StartTLS is neither TLS nor SSL.) And I used your last Docker image from Docker Hub.
@jbperrin88 thanks, I'll give it a look, the TLS shall not be initiated when ldap scheme is not
Hmm, looks like this: jtblin/go-ldap-client#3
Yeah, looks relevant to me. Anyway, I had in mind to migrate to a raw LDAP library (v2 or v3), so it may be a good thing to do.
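An added example, not code from ldap-auth-proxy or go-ldap-client: one way to make the rule discussed above explicit, where the URL scheme alone selects plain LDAP or LDAPS and StartTLS is sent only on an explicit opt-in. `Plan`, `Transport` and the `startTLS` parameter are hypothetical names, and `dc01.example.test` is a constructed host.

```go
package main

import (
	"fmt"
	"net"
	"net/url"
	"strings"
)

// Transport says how the LDAP connection is protected.
type Transport string

const (
	Plain    Transport = "plain"    // ldap://, no TLS: a simple-bind password is sent in clear
	StartTLS Transport = "starttls" // ldap://, then an explicit in-band upgrade
	LDAPS    Transport = "ldaps"    // ldaps://, TLS from the first byte
)

// Plan is a hypothetical helper: it maps a connection string plus an explicit
// startTLS opt-in to a dial address and transport. The scheme never implies StartTLS.
func Plan(server string, startTLS bool) (string, Transport, error) {
	if !strings.Contains(server, "://") {
		server = "ldap://" + server // bare "host" or "host:port"
	}
	u, err := url.Parse(server)
	if err != nil || u.Hostname() == "" {
		return "", "", fmt.Errorf("invalid LDAP server %q", server)
	}
	port, mode := "389", Plain
	switch {
	case u.Scheme == "ldap" && startTLS:
		mode = StartTLS
	case u.Scheme == "ldap": // plain LDAP, nothing to upgrade
	case u.Scheme == "ldaps" && startTLS:
		return "", "", fmt.Errorf("StartTLS on ldaps:// is refused: TLS is already in effect")
	case u.Scheme == "ldaps":
		port, mode = "636", LDAPS
	default:
		return "", "", fmt.Errorf("unsupported scheme %q", u.Scheme)
	}
	if u.Port() != "" {
		port = u.Port()
	}
	return net.JoinHostPort(u.Hostname(), port), mode, nil
}

// Constructed sample input; dc01.example.test is a placeholder host.
func main() { fmt.Println(Plan("ldap://dc01.example.test:389", false)) }
```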
Another short question: I'm using LDAP to request Windows AD. How can I use the group filtering method? If I've understood, I need to find a filter to get all groups the user belongs to (only this the %s -> sAMAccountName) and use the GROUP_HEADER to set the group I want?
Given that you have export With nginx proxy block it may be something like this:
It is a bit complex example which I use to have a single point of auth for multiple hosts. It should give you a perspective on how to use groups filtering.
Hi there,
Like some other users, I would like to use your project to forward auth to an LDAP server from Traefik.
There are STILL a few LDAP servers without TLS in my environment (I know..... it's a bit dirty)
When I tried to connect to this kind of server, I got "Failed to connect: LDAP Result Code 1 "Operations Error": ldap: cannot StartTLS (00000000: LdapErr: DSID-0C090E6B, comment: TLS or SSL already in effect, data 0, v1db1\x00)"
Can you please give me some tips? Is it possible? Do you have some special env?
Thanks!