Don't know if this is a bug, or just my inexperience with LDAP, but I can't get LDAP Integration working with Novell eDir.

Looking at past posts, I have configured Drupal LDAP, as follows:

LDAP Server: ldap://ldapserverip

Start-TLS: NO

Base DNs: ou=deptname, o=divisionname

(Pretty sure this part is right, based on successful authentication w/ other LDAP browsers.)

Username attribute: *tried both 'cn' and 'uid'

(Both had some success. Second one produced error saying no "clear text" passwords allowed.)

Our thinking is that perhaps this is a problem with SSL and Drupal grabbing a certificate.

This is based on the fact that using "ldap://" w/ 'uid', we get "no clear text passwords allowed", but using "ldaps://", we get a connection error.

Please forgive my ignorance, but if anyone has a clue what this is about - please let me know.

Also, if this is better suited as a forum topic than an issue - I can post there, as well.

Comments

jondblackburn

Category: bug » support

mvdschoot

By default eDirectory only allows secure LDAP connections when a password travels across the wire. To disable this behaviour (thus allowing clear text passwords), go to your 'LDAP Group - (servername)' object and untick 'Require TLS for Simple Binds with Password'.

Perhaps the only bug standing will be: does Drupal LDAP Integration support SSL?

jondblackburn

Okay . . . not sure what did it in the end, but it is now working.

We:

1. Set up our ldap.conf to point at our SSL certificate (that was exported from eDir)
2. Added a proxy user (despite the fact that eDir allows anonymous browsing of the tree)

The latter change is what seemed to have got Drupal working w/ eDir.

No problems now - on to setting up LDAP groups . . .

Thanks for the input.
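
The two changes described in the comment above (trusting the certificate exported from eDir, then binding as a proxy user before looking up the account) can be reproduced outside Drupal with PHP's LDAP extension. This is an added example, not code from the thread or from the LDAP Integration module; the certificate path, proxy DN, proxy password and the function name `edir_authenticate` are assumptions.

```php
<?php
// Added example. Constants marked "assumed" are placeholders, not values from the thread.
const LDAP_URI   = 'ldaps://ldapserverip';                       // server from the post, over TLS
const BASE_DN    = 'ou=deptname,o=divisionname';                 // base DN from the post
const CA_CERT    = '/etc/ssl/certs/edir-ca.pem';                 // assumed: exported eDir cert, PEM form
const PROXY_DN   = 'cn=drupalproxy,ou=deptname,o=divisionname';  // assumed proxy user
const PROXY_PASS = 'placeholder-password';                       // assumed

function edir_authenticate(string $username, string $password): bool
{
    // A simple bind with an empty password is an unauthenticated bind that
    // many servers accept, so reject it before touching the directory.
    if ($username === '' || $password === '') {
        return false;
    }

    // Same effect as TLS_CACERT in ldap.conf: name the trust anchor and
    // refuse the connection if the server certificate does not verify.
    // These TLS options are set globally, before connecting (PHP >= 7.1).
    ldap_set_option(null, LDAP_OPT_X_TLS_CACERTFILE, CA_CERT);
    ldap_set_option(null, LDAP_OPT_X_TLS_REQUIRE_CERT, LDAP_OPT_X_TLS_DEMAND);

    $conn = ldap_connect(LDAP_URI);
    if ($conn === false) {
        throw new RuntimeException('Invalid LDAP URI');
    }
    ldap_set_option($conn, LDAP_OPT_PROTOCOL_VERSION, 3);
    ldap_set_option($conn, LDAP_OPT_REFERRALS, 0);

    // Step 1: bind as the proxy user so the search does not depend on anonymous access.
    if (!@ldap_bind($conn, PROXY_DN, PROXY_PASS)) {
        throw new RuntimeException('Proxy bind failed: ' . ldap_error($conn));
    }

    // Step 2: resolve the login name to exactly one DN; escape it to block filter injection.
    $filter  = '(cn=' . ldap_escape($username, '', LDAP_ESCAPE_FILTER) . ')';
    $result  = @ldap_search($conn, BASE_DN, $filter, ['cn'], 0, 2);
    $entries = $result ? ldap_get_entries($conn, $result) : ['count' => 0];
    if ($entries['count'] !== 1) {
        ldap_unbind($conn);
        return false;
    }

    // Step 3: rebind as the user; the password only ever travels inside the TLS session.
    $ok = @ldap_bind($conn, $entries[0]['dn'], $password);
    ldap_unbind($conn);
    return $ok;
}
```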

jondblackburn

Status: Active » Closed (fixed)

I am going to close this support request - as it's working for us.

Hopefully, this works for others w/ similar problems, as well.