LDAP over SSL fails to connect

  • Used Zammad version: 4.0.x
  • Used Zammad installation type: package
  • Operating system: Debian 9
  • Browser + version: any

Expected behavior:

I want Zammad to connect to our LDAPS server

Actual behavior:

Zammad won’t let me connect to our Active Directory via LDAPS
"Can’t connect to ‘FQDN’ on port ‘50001’, getaddrinfo: Name or service not known

Steps to reproduce the behavior:

-Setup a new Zammad installation
-Install a LDAP server on a DC via this documentation: Step by Step Guide to Setup LDAPS on Windows Server - Microsoft Tech Community
-Verified that LDAPS is working by starting the ldp.exe and connecting to LDAPS

I already looked through the Zammad Documentation, but cannot seem to find the solution needed to implement LDAPS. Only link I could find was: LDAP / Active Directory — Zammad documentation

I cannot seem to get our Zammad connecting to our DC to read and implement our AD, it might be a simple solution of adding the DC certificate to our Debian Zammad machine, yet I cannot seem to find answers on that topic. If you could assist me in that matter, I would be very grateful.

Did you install the root cert that you generated in AD CS into the cert store on your Zammad server? If you don’t the cert likely won’t be trusted as it’s not a public cert.

Hello, no I haven’t installed it on the Zammad Server yet. I am currently looking at a solution on how to install a root certificate on the Zammad Server. (debian 9)

Hello again! Alright, I was able to fix my mistake - it was a faulty kerberos config file. Now that I have validated everything again and restarted all the services, everything is working as intended!

Thank you anyway!

1 Like

This topic was automatically closed 120 days after the last reply. New replies are no longer allowed.