LDAP over SSL fails to connect

Marius-T · June 4, 2021, 9:59am

Used Zammad version: 4.0.x
Used Zammad installation type: package
Operating system: Debian 9
Browser + version: any

Expected behavior:

I want Zammad to connect to our LDAPS server

Actual behavior:

Zammad won’t let me connect to our Active Directory via LDAPS
"Can’t connect to ‘FQDN’ on port ‘50001’, getaddrinfo: Name or service not known

Steps to reproduce the behavior:

-Setup a new Zammad installation
-Install a LDAP server on a DC via this documentation: Step by Step Guide to Setup LDAPS on Windows Server - Microsoft Tech Community
-Verified that LDAPS is working by starting the ldp.exe and connecting to LDAPS

I already looked through the Zammad Documentation, but cannot seem to find the solution needed to implement LDAPS. Only link I could find was: LDAP / Active Directory — Zammad documentation

I cannot seem to get our Zammad connecting to our DC to read and implement our AD, it might be a simple solution of adding the DC certificate to our Debian Zammad machine, yet I cannot seem to find answers on that topic. If you could assist me in that matter, I would be very grateful.

astrugatch · June 5, 2021, 10:36pm

Did you install the root cert that you generated in AD CS into the cert store on your Zammad server? If you don’t the cert likely won’t be trusted as it’s not a public cert.

Marius-T · June 7, 2021, 7:06am

Hello, no I haven’t installed it on the Zammad Server yet. I am currently looking at a solution on how to install a root certificate on the Zammad Server. (debian 9)

Marius-T · June 14, 2021, 12:48pm

Hello again! Alright, I was able to fix my mistake - it was a faulty kerberos config file. Now that I have validated everything again and restarted all the services, everything is working as intended!

Thank you anyway!

system · October 12, 2021, 12:48pm

This topic was automatically closed 120 days after the last reply. New replies are no longer allowed.