LDAP over SSL / How to configure connection to Active Directory

I have the following configuration problem: When I use this LDAP configuration (never mind the bind user part, I’m not at that part yet):

ENABLE_LDAP = True
LDAP_PROVIDER = 'ldap'
LDAP_SERVER_URL = 'ldap://host.domain.de'

I get this message in dtable_web.log

2023-03-24 06:31:13,852 [ERROR] seahub.base.accounts:789 authenticate ldap admin bind failed. {'msgtype': 97, 'msgid': 1, 'result': 8, 'desc': 'Strong(er) authentication required', 'ctrls': [], 'info': '00002028: LdapErr: DSID-0C090273, comment: The server requires binds to turn on integrity checking if SSL\\TLS are not already active on the connection, data 0, v3839'}

That looks as if I need to use LDAPS (LDAP over SSL / TLS) for the connection, right?
Question is: How do I configure this in Seatable? Is it possible at all?

In other systems (Symfony-based PHP application), a configuration like this works:

LDAP_HOST=host.domain.de
LDAP_ENCRYPTION=tls

Obviously, the software chooses the right protocol (ldaps) and port (636). How do I achieve this in seatable?

We will give it a check in the next week.

Any news? Should be a simple option to enable in standard libraries

:slight_smile:

After testing, there are two steps needed:

  1. Add TLS_REQCERT to file /etc/ldap/ldap.conf inside the docker image

  2. Change http to https in LDAP_SERVER_URL

Please give it a try.
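The two steps above, as an added checker that is not part of this thread or of SeaTable: it reads the SeaTable settings and the ldap.conf lines, flags the plain ldap:// case that produces result 8, and warns when TLS_REQCERT is set so that the server certificate is not verified. The function name, the TLS_CACERT path and the sample inputs are constructed for illustration.

```python
# Added example, not SeaTable code: sanity-check the LDAP settings and
# /etc/ldap/ldap.conf entries from this thread. Names are constructed.
from urllib.parse import urlsplit


def check_ldap_settings(settings: dict, ldap_conf: str) -> list:
    """Return a list of findings (strings); an empty list means no issue found."""
    findings = []
    if not settings.get("ENABLE_LDAP"):
        return findings
    parts = urlsplit(settings.get("LDAP_SERVER_URL", ""))

    if parts.scheme == "ldap":
        findings.append(
            "ldap:// (plaintext, port 389): an AD that requires LDAP signing "
            "answers result 8 'Strong(er) authentication required'; use ldaps://")
    elif parts.scheme == "ldaps":
        if parts.port not in (None, 636):
            findings.append(f"ldaps:// normally uses port 636, URL uses {parts.port}")
    else:
        findings.append(f"unknown scheme {parts.scheme!r} in LDAP_SERVER_URL")

    # ldap.conf is "KEY value" per line, '#' starts a comment.
    conf = {}
    for line in ldap_conf.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        kv = line.split(None, 1)
        conf[kv[0].upper()] = kv[1].strip() if len(kv) > 1 else ""

    if parts.scheme == "ldaps":
        # OpenLDAP default for TLS_REQCERT is "demand" (verify the server cert).
        reqcert = conf.get("TLS_REQCERT", "demand").lower()
        if reqcert in ("never", "allow"):
            findings.append(
                f"TLS_REQCERT {reqcert}: server certificate is not verified, so "
                "the TLS session can be intercepted; prefer TLS_CACERT pointing at "
                "the AD CA together with TLS_REQCERT demand")
        elif reqcert == "demand" and "TLS_CACERT" not in conf:
            findings.append(
                "TLS_REQCERT demand without TLS_CACERT: the bind fails unless the "
                "AD CA is already in the container's system trust store")
    return findings


if __name__ == "__main__":
    # Constructed sample: the thread's working configuration.
    ok_conf = "TLS_CACERT /etc/ssl/certs/ad-ca.pem\nTLS_REQCERT demand\n"
    print(check_ldap_settings(
        {"ENABLE_LDAP": True, "LDAP_SERVER_URL": "ldaps://ldap.mydomain.com:636"},
        ok_conf))
```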

Thanks for figuring this out! I can confirm that this would possibly work. (note that LDAP_SERVER_URL needs to change from ldap://ldap.mydomain.com:389 to ldaps://ldap.mydomain.com:636).

This also means that the workaround seems to support LDAP over SSL (on port 636), but not LDAP with STARTTLS (on port 389). Because our installation (AD) supports both, I’m fine with it.

However, I’ll wait until the change to ldap.conf is permanently baked into the seatable docker image in a future version, because the change is not persistent at the moment.

In the meantime, I have set up a little python container running ldaptor, which proxies between ldap and ldaps. Looking forward when this is built into seatable properly.
