[ZendTo] LDAPS and StartTLS
Jules
Jules at Zend.To
Wed Feb 21 09:36:13 GMT 2018
Sam,
You won't need a certificate on the client, just on the LDAPS server.
If you specify ldapUseSSL, but *not* ldapStartTLS, then the name of the
LDAP server gets "ldaps://" pre-pended to it.
If you specify ldapStartTLS, then the ldap_start_tls() PHP function is
called immediately before the ldap_bind().
The actual LDAP connection code is very simple. Take a look in
/opt/zendto/lib/NSSLDAPAuthenticator.php starting at line 163. The
"ldap_..." functions it calls are standard PHP ones, you'll find docs on
php.net for those functions.
Unusual to be using LDAP and not AD......
Cheers,
Jules.
On 20/02/2018 11:43, s.mccarthy at surrey.ac.uk wrote:
>
> Hi
>
> Just a slight confusion over LDAPS, does this not require a
> certificate to be installed? Also what is the difference between
> ldapUseSSL and ldapStartTLS?
>
> Cheers
>
> Sam
>
>
>
> _______________________________________________
> ZendTo mailing list
> ZendTo at zend.to
> http://mailman.ecs.soton.ac.uk/mailman/listinfo/zendto
Jules
--
Julian Field MEng CEng CITP MBCS MIEEE MACM
'All programs have a desire to be useful' - Tron, 1982
www.Zend.To
Twitter: @JulesFM
PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ecs.soton.ac.uk/pipermail/zendto/attachments/20180221/64a1641c/attachment.html
More information about the ZendTo
mailing list