Hello,

I tried to create the raop user in Windows AD and also published the cert on AD for LDAPS. But the LDAP auth fails with the following error:

2025/03/10 19:17:10 ERROR Could not instantiate ldap object (Connection reset by peer) [pid=2312|sid=tfo8]
2025/03/10 19:17:10 INFO Got invalid auth result from handler ActiveDirectory [pid=2312|sid=tfo8]
2025/03/10 19:17:10 WARN Login failed (user: raop, error: Could not instantiate ldap object (Connection reset by peer) at /usr/share/perl5/Connector.pm line 249, <DATA> line 960.) [pid=2312|sid=tfo8]
2025/03/10 19:17:10 ERROR I18N_OPENXPKI_UI_AUTHENTICATION_FAILED [pid=2312|sid=tfo8]

It is surprising that OpenXPKI is initiating a TLS v1 message for LDAP auth. I am using the following config in OpenXPKI:

/etc/openxpki/config.d/realm.tpl/auth/connector.yaml

    #Windows AD
    user-ad:
        class: Connector::Builtin::Authentication::LDAP
        LOCATION: ldaps://abc.com
        verify: require # Require certificate verification
        cafile: /etc/openxpki/tls/ca.crt # Path to the CA certificate
        base: DC=abc,DC=com
        binddn: "CN=Administrator,CN=Users,DC=abc,DC=com"
        password: XXXX
        filter: "(sAMAccountName=[% LOGIN %])"

/etc/openxpki/config.d/realm.tpl/auth/handler.yaml

    ActiveDirectory:
        type: Connector
        #user@: connector:auth.connector.user-ad
        source@: connector:auth.connector.user-ad
        role: RA Operator

/etc/openxpki/config.d/realm.tpl/auth/stack.yaml

    ActiveDirectory:
        label: Domain Login
        description: Login with username and password
        handler: ActiveDirectory
        type: passwd

_______________________________________________
OpenXPKI-users mailing list
OpenXPKI-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openxpki-users