Kolab-webadmin and StartTLS LDAP
Emmanuel MICHEL
emmanuel.michel at wanadoo.fr
Thu Jun 27 01:17:37 CEST 2013
Le 26/06/2013 19:58, Emmanuel MICHEL a écrit :
> Le 26/06/2013 09:31, Aleksander Machniak a écrit :
>> '-ZZ' ?
I found the solution but I don't know if it has any security implication
so I would need your advice Aleksander. So, here it is:
In /usr/share/kolab-webadmin/lib/ext/Net/LDAP3.php
$moz_ldapsearch,
'-ZZZ',
'-P /etc/dirsrv/slapd-myinstance',
Three Z is just to enforce the StartTLS request but two Z also works.
Then we need to add apache user to the dirsrv group. I believe
explanation is because StartTLS ldapsearch command is launched by apache
which then needs access to the SSL certificate database in
/etc/dirsrv/slapd-myinstance :
usermod -a -G dirsrv www-data
and reboot.
I hope this will help to improve kolab-webadmin in order to ease this
kind of setup in future versions.
Bests,
EM
More information about the users
mailing list