Ldaps authentication

Hello,

There isn’t too much information about ldaps configuration.
So I found this one: https://doc.owncloud.org/server/8.2/admin_manual/configuration_user/user_auth_ldap.html

How can I be sure that LDAPS is used?
What I’ve done: I’ve put the CA cert of my company root CA into /etc/openldap/cacerts.
In ldap.conf, these are the uncommented lines:

TLS_CACERTDIR /etc/openldap/cacerts
TLS_REQCERT allow
SASL_NOCANON on

In ownCloud I didn’t tick the “Turn off SSL certificate validation” checkbox in the advanced user authentication tab.

How can I be sure it is working, or that my setup is good?

In Settings > User Authentication in the Tab “Users” or “Login Attributes” you can hit “Verify settings and count users” or “Verify settings”. Then you’ll know if it works.

For any further assistance you would need to provide more details about your configuration. Just answer the questions provided when you create a new Topic. Also please adjust the category. I think it should be “Server”.

ldaps usually uses port 636, and the communications are encrypted. It should be enough if you can connect properly.

You can also change to a wrong / different certificate to ensure the certificate is being validated, and you can also use a packet sniffer to ensure the communication is encrypted.

This is my ldap config:

cat /etc/openldap/ldap.conf

BASE dc=xyz,dc=local
URI ldaps://xyz.local:636,ldaps://xyz.local:636

TLS_CACERTFILE /etc/openldap/cacerts/cert.cer
TLS_REQCERT allow
USE_TLS True
SASL_NOCANON on

And this is on the owncloud server:

These settings are not working.

Do you guys see anything special?
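
The settings posted above can also be checked statically, alongside the wrong-certificate test suggested earlier in the thread: this added example (not from any poster, and not ownCloud or OpenLDAP code) parses ldap.conf text and reports any URI that is not ldaps:// and any TLS_REQCERT level that, per ldap.conf(5), lets a session continue without a valid server certificate. The function names and the two sample configurations are constructed for illustration; it reads only ldap.conf, not the host configured in ownCloud itself.

```python
import re

# Server-certificate handling for each TLS_REQCERT level, per ldap.conf(5).
REQCERT = {
    "never": "server certificate is not requested or checked",
    "allow": "a bad server certificate is ignored and the session proceeds",
    "try": "a bad certificate ends the session, a missing one does not",
    "demand": "a valid server certificate is required",
    "hard": "a valid server certificate is required",
}
ENFORCING = {"demand", "hard"}  # "demand" is the default when the option is unset

def parse_ldap_conf(text):
    """Return {OPTION: value}; option names are case-insensitive, later lines win."""
    options = {}
    for line in text.splitlines():
        parts = line.strip().split(None, 1)
        # Skip blank lines, '#' comments and keywords that carry no value.
        if len(parts) == 2 and not parts[0].startswith("#"):
            options[parts[0].upper()] = parts[1].strip()
    return options

def audit(text):
    """Return findings; an empty list means ldaps:// with enforced validation."""
    opts = parse_ldap_conf(text)
    findings = []
    # Split on whitespace or commas so the comma-separated form in the thread is covered.
    uris = [u for u in re.split(r"[\s,]+", opts.get("URI", "")) if u]
    if not uris:
        findings.append("URI: none set, so this file does not select LDAPS")
    for uri in uris:
        if not uri.lower().startswith("ldaps://"):
            findings.append(f"URI: {uri} is not an ldaps:// URI")
    level = opts.get("TLS_REQCERT", "demand").lower()
    if level not in REQCERT:
        findings.append(f"TLS_REQCERT: unknown level {level!r}")
    elif level not in ENFORCING:
        findings.append(f"TLS_REQCERT {level}: {REQCERT[level]}")
    return findings

# Constructed samples modelled on the settings quoted in the thread.
POSTED = """\
URI ldaps://xyz.local:636,ldaps://xyz.local:636
TLS_CACERTDIR /etc/openldap/cacerts
TLS_REQCERT allow
"""
STRICT = POSTED.replace("TLS_REQCERT allow", "TLS_REQCERT demand")

if __name__ == "__main__":
    for name, conf in (("posted", POSTED), ("strict", STRICT)):
        print(name, audit(conf) or "ldaps:// with enforced certificate validation")
```

With `TLS_REQCERT allow`, swapping in a wrong CA certificate would not make the connection fail, so that test only proves validation once the level is `demand` or `hard`.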