I have some issues with the functionality of the LDAP under NethServer 7rc1. I have 3 potential clients for the LDAP running on the NethServer: a MacBook with OS X, a QNAP NAS and an OpenMediaVault Linux. Currently I am not able to connect to the LDAP with any of the clients.
I made the following additional tests:
Connecting a secondary NethServer 7rc1 installation to the LDAP works! However, I’ve noticed that only an anonymous, read-only connection is employed.
I’ve used JXplorer to connect to the LDAP server and anonymous usage is fine. However, I cannot connect with authentication to the server. SSL connection does not work either. At least one client requires an authenticated connection. I personally prefer SSL to secure any communication.
My questions are:
Is it possible to use an authenticated connection to the LDAP on the NethServer?
Is it possible to use SSL with the NethServer/OpenLDAP?
Thank you Davide!
I’ve updated the new packages and I can confirm that I can connect with QNAP with authentication over STARTTLS port 389.
If I understood correctly, there are two technical LDAP accounts:
ldapservice - read-only
libuser - full access, read-write
Usually, the first technical account must be used (it is the one presented in the GUI).
Is it valid to use the second one if a client needs read-write access (e.g. can request password change)? Would it work?
Btw. I am still not having luck with macOS. If anybody knows how to enable the STARTTLS binding from a Mac client, please drop me a line. This however has nothing to do with NS7. It works now.
Sorry, I tried several LDAP clients but I cannot connect authenticated, only as anonymous.
The only authenticated client that I have is a QNAP NAS and there is no functionality to edit something. I have still not succeeded in connecting a Mac to the LDAP client with authentication.
I am not quite sure. On my server everything was ok with the server hosted Roundcube and WebTop. Just to experiment a bit I’ve installed the NextCloud.
→ While yes, in NextCloud I was not able to authenticate with a normal user, the problem was fixed quickly by changing, with the admin account in NextCloud, the LDAP server name, BASE DN and the credentials as shown under “Domain accounts”. I know, not using libuser but ldapservice, but it works.
→ Roundcube works fine on my side.
Hope it helps with the bug.
@all: has anybody succeeded in connecting an OS X client to the LDAP server over TLS and authentication? I found out that OS X is very picky with regard to certificates. An authenticated ldapsearch does not work either from the OS X client. There is some information about installing the server certificates on the client but I don’t feel comfortable with that. Please drop me a line if one of you was successful.
OK. I am one step further. I now use Rockstor as an LDAP client for NethServer. On the Rockstor there is a GUI to introduce the TLS PEM certificate for the LDAP server. I cannot figure out what this file would be. It is probably one of these: