Yes. The reason we went with stunnel is because we thought that 
dealing with LDAPS and certificates would be too time consuming 
with our existing setup. We had everything working with LDAP and 
no expertise with generating self-signed certs with Microsoft 

If you can explain how to do that, it would be most 
appreciative, however if there is a way that ldap_connect() can 
be used WITHOUT LDAPS, then that would be better for us.


- Cliff
--- Begin Message ---
Hash: SHA1


The LDAP code is being used by many people for authentication; so, you should 
be able to use it without worrying about issues with it once you have it set 
up correctly.  You also gain some optional user group management if you use 

I've not used stunnel before; so, I'm not exactly sure what modifications will 
need to be made to the code to support it.  I doubt it will work out of the 
box because the code expects to be able to connect to an LDAP server using


But, if stunnel can be set up such that just using localhost as the hostname 
will work, you may be able to do it without any modifications.

Is there a reason ldaps won't work for you?  If it is because of self-signed 
certificates, I can explain how to work with that.


On Thursday May 20, 2010, Clifton B Wood wrote:
> Passing this along by request from Andy.
> I am curious as to how robust the LDAP code is in VCL, as we 
> might be required to make web front-end logins use that 
> authentication method in the future.
> Thanks!
> - Cliff
> Andy,
> I am trying to get LDAP logins working on our VCL pilot. First 
> off, we are not using LDAPS, we are using basic logins with 
> stunnel (ldap requests are sent to a port on the local 
> machine, the request is then encrypted and sent to our Active 
> Directory server) -- I've verified that this works using other 
> LDAP tools, however when I try logging in using VCL, it 
> doesn't work.
> Does the LDAP code you are using for VCL support this kind of 
> setup?
> I've attached my conf.php file to this email.
> Thanks!
> - Cliff Wood
> Morgan State University
- -- 
- -------------------------------
Josh Thompson
Systems Programmer
Advanced Computing | VCL Developer
North Carolina State University

my GPG/PGP key can be found at
Version: GnuPG v2.0.14 (GNU/Linux)


--- End Message ---

Reply via email to