[ZendTo] News — Microsoft enforcing LDAPS for AD servers

[Glenn Noel]

Hi Jules,

I'm just trying the changes now.  The instructions state to add the
following to preferences.php:

'authLDAPServers1' => array('ldaps://your-AD-server-here.example.com'),
'authLDAPUseSSL1' => false,
'authLDAPUseTLS1' => false,

When I try this, the two forward slashes in the *
'ldaps://your-AD-server-here.example.com
<http://your-AD-server-here.example.com>'* comment out the
*your-AD-server-hear.example.com
<http://your-AD-server-hear.example.com>*

I've tried different iterations, but so far no luck.

Any advice, as always is much appreciated.

Glenn


On Sat, Feb 8, 2020 at 12:29 PM Jules via ZendTo <zendto at zend.to> wrote:

> Microsoft are about to enforce the use of LDAPS (removing unencrypted
> LDAP) when checking user credentials against an AD server.
>
> This needs a couple of minor changes to your ZendTo server.
>
> I have written up some simple instructions here
>     https://zend.to/activedirectory.php
> which certainly appear to work for me.
>
> I strongly advise you make the changes and test the resulting service
> before Microsoft release the patch that enforces the need for this. It
> should cause no harm except to improve the security of communications
> between ZendTo and your AD server.
>
> Any comments / problems / questions, please do let me know straightaway!
>
> Cheers,
>
> Jules
>
> --
> Julian Field MEng CEng CITP MBCS MIEEE MACM
>
> The current UK shipping forecast:
> Irish Sea: Southwest 4 or 5, becoming cyclonic 6 to gale 8, then north 4 to 6.
> Slight or moderate, occasionally rough in south. Rain. Good, occasionally
> poor.
> www.Zend.To
> Twitter: @JulesFM
>
> _______________________________________________
> ZendTo mailing list
> ZendTo at zend.to
> http://jul.es/mailman/listinfo/zendto
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://jul.es/pipermail/zendto/attachments/20200210/69da3f50/attachment.html>