I have since been able to setup stunnel4 using the cert+key files from the google ldap client and connected from Directory Studio without authentication to get to Fetch DN's part/retrieve data, but how to use Directory Studio alone for this?
On Tue, 15 Nov 2022 at 11:10, Andy Brook <[email protected]> wrote: > Hi, > Connecting to google workspaces via ldap has been on my todo list for a > while. Have just tried with 2.0M17 but without success. I have imported > google ldap cert into cacerts: > > Owner: ST=California, C=US, OU=GSuite, CN=LDAP Client, L=Mountain View, > O=Google Inc. > Issuer: ST=California, C=US, OU=GSuite, CN=LDAP Client, L=Mountain View, > O=Google Inc. > Serial number: 1847ac30780 > Valid from: Tue Nov 15 10:08:32 GMT 2022 until: Fri Nov 14 10:08:32 GMT > 2025 > > If validated the service from the google docs ( > https://support.google.com/a/answer/9190869), the openssl command returns > as expected with "Verify return code: 0 (ok)" > > I have created google ldap client (with all access permissions) and access > creds : https://support.google.com/a/answer/9048541#generate-access-codes > and put this in the Directory "Authentication" params for Simple Auth, > "Check Authentication" generates "ERR_04169_RESPONSE_QUEUE_EMPTIED" that > https://issues.apache.org/jira/browse/DIRSERVER-2337 indicates is a > symptom rather than cause, the fuller stack just indicates timeout. > > I can't seem to authenticate, so can't get to even Fetch Base DN's etc. > > Anyone trod this path before?! Any pointers? My end goal is establish a > connection from Java, Directory Studio connectivity is the litmus test! > > Thanks for any replies! > Andy > > -- Andy Brook
