LDAP over SSL / How to configure connection to Active Directory

I have the followling configuration problem: When I use this LDAP configuration (never mind the bind user part, I’m not at that part yet):

LDAP_SERVER_URL = 'ldap://host.domain.de'

I get this message in dtable_web.log

2023-03-24 06:31:13,852 [ERROR] seahub.base.accounts:789 authenticate ldap admin bind failed. {'msgtype': 97, 'msgid': 1, 'result': 8, 'desc': 'Strong(er) authentication required', 'ctrls': [], 'info': '00002028: LdapErr: DSID-0C090273, comment: The server requires binds to turn on integrity checking if SSL\\TLS are not already active on the connection, data 0, v3839'}

That looks as if I need to use LDAPS (LDAP over SSL / TLS) for the connection, right?
Question is: How do I configure this in Seatable? Is it possible at all?

In other Systems (Symfony-based PHP application), a configuration like this works:


Obviously, the software chooses the right protocol (ldaps) and port (636). How do I achieve this in seatable?

We will give it a check in the next week.

Any news? Should be a simple option to enable in standard libraries


After testing, there are two steps needed:

  1. Add TLS_REQCERT to file /etc/ldap/ldap.conf inside the docker image

  1. Change http to https in LDAP_SERVER_URL

Please give it a try.

Thanks for figuring this out! I can confirm that this would possibly work. (note that LDAP_SERVER_URL needs to change from ldap://ldap.mydomain.com:389 to ldaps://ldap.mydomain.com:636).

This also means that the workaround seems to support LDAP oder SSL (on port 636), but not LDAP with STARTTLS (on Port 389). Because our installation (AD) supports both, I’m fine with it.

However, I’ll wait until the change to ldap.conf is permanently baked into the seatable docker image in a future version, because the change is not persistent at the moment.

In the meantime, I have set up a little python container running ldaptor, which proxies between ldap and ldaps. Looking forward when this is built into seatable properly.

1 Like