[
https://issues.apache.org/jira/browse/DIRSTUDIO-1173?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16381696#comment-16381696
]
Emmanuel Lecharny commented on DIRSTUDIO-1173:
----------------------------------------------
There is no reason for the {{ManageDSAIT}} control to be used. Can you check
your connection properties (Browser Options tab) if the 'controls' part has
'Use ManageDSAIT control while browsing' selected ?
That being said, the {{ManageDSAIT}} control should not have any impact on the
{{StartTLS}} operation, however, it's always good to eliminate side effects.
> StartTLS fails when required by LDAP service
> --------------------------------------------
>
> Key: DIRSTUDIO-1173
> URL: https://issues.apache.org/jira/browse/DIRSTUDIO-1173
> Project: Directory Studio
> Issue Type: Bug
> Affects Versions: 2.0.0-M13
> Environment: Windows 10 Pro 64bit
> Reporter: Anthony Winstanley
> Priority: Major
>
> We have 389-ds sitting behind an f5 load balancer. The load balancer requires
> connections on port 389 to use StartTLS. It makes connections to the 389-ds
> servers on port 389 using StartTLS.
> If I connect directly to port 389 on a 389-ds server with "Use StartTLS
> extension", the connection is fine. If I change the hostname of this
> connection to the load-balanced hostname, I get:
> "The connection failed - [LDAP: error code 48 - STARTTLS required]"
> However, ldapsearch successfully makes STARTTLS connections through the load
> balancer like:
> ldapsearch -x -H ldap://lbhost.example.com -ZZ
>
>
> My guess is that ADS is not activating StartTLS soon enough when connecting
> to port 389... which is fine if the connection doesn't require the use of
> StartTLS, but unworkable when it does.
> Of course, I'm hoping this is an easy fix...
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
