Am 20.03.2018 um 15:56 schrieb Götz Reinicke
([email protected]):
> Hi,
>
> I try to use our samba 4 ad as the user source but looks like I miss an point
> or option.
>
> I have added a dedicated user to the ad, edited the config and restarted
> SOGo&memcached.
>
> From the logs so far I guess it’s a SSL problem.
Yes it is. You need to install the certificates at the distro level
(localtion can be specified in /etc/openldap/ldap.conf) or configure
/etc/openldap/ldap.conf to not check the certificates with:
TLS_REQCERT never
Location of the files may vary. This is for Centos.
Sogo.conf looks like this:
SOGoUserSources = (
{
CNFieldName = displayName;
IDFieldName = sAMAccountName;
UIDFieldName = sAMAccountName;
bindAsCurrentUser =YES;
baseDN = "cn=xx,dc=xx,dc=xx,dc=xx";
bindDN = "CN=xx,CN=xx,DC=xx,DC=xx,DC=xx";
bindFields = (
sAMAccountName
);
bindPassword = "xx";
listRequiresDot = NO;
canAuthenticate = YES;
displayName = xx;
hostname = "ldaps://xx.xx.xx";
id = xx;
isAddressBook = YES;
SearchFieldNames =
(sAMAccountName,displayName,mail);
}
As you can see we have the domain name as ldap server this des a "crude"
load balancing as the DNS returns the IPs of all DCs in the ActiveDirectory.
regards
>
> May be someone has already a working set and can share the hints and doc how
> to use that?
>
> Thanks & Regards . Götz
>
>
--
Dr. Christian Naumer
Research Scientist
Plattform-Koordinator Bioprozesstechnik
B.R.A.I.N Aktiengesellschaft
Darmstaedter Str. 34-36, D-64673 Zwingenberg
e-mail [email protected], homepage www.brain-biotech.de
fon +49-6251-9331-30 / fax +49-6251-9331-11
Sitz der Gesellschaft: Zwingenberg/Bergstrasse
Registergericht AG Darmstadt, HRB 24758
Vorstand: Dr. Juergen Eck (Vorsitzender), Frank Goebel
Aufsichtsratsvorsitzender: Dr. Ludger Mueller
--
[email protected]
https://inverse.ca/sogo/lists
