Am 20.03.2018 um 15:56 schrieb Götz Reinicke (goetz.reini...@filmakademie.de): > Hi, > > I try to use our samba 4 ad as the user source but looks like I miss an point > or option. > > I have added a dedicated user to the ad, edited the config and restarted > SOGo&memcached. > > From the logs so far I guess it’s a SSL problem.
Yes it is. You need to install the certificates at the distro level (localtion can be specified in /etc/openldap/ldap.conf) or configure /etc/openldap/ldap.conf to not check the certificates with: TLS_REQCERT never Location of the files may vary. This is for Centos. Sogo.conf looks like this: SOGoUserSources = ( { CNFieldName = displayName; IDFieldName = sAMAccountName; UIDFieldName = sAMAccountName; bindAsCurrentUser =YES; baseDN = "cn=xx,dc=xx,dc=xx,dc=xx"; bindDN = "CN=xx,CN=xx,DC=xx,DC=xx,DC=xx"; bindFields = ( sAMAccountName ); bindPassword = "xx"; listRequiresDot = NO; canAuthenticate = YES; displayName = xx; hostname = "ldaps://xx.xx.xx"; id = xx; isAddressBook = YES; SearchFieldNames = (sAMAccountName,displayName,mail); } As you can see we have the domain name as ldap server this des a "crude" load balancing as the DNS returns the IPs of all DCs in the ActiveDirectory. regards > > May be someone has already a working set and can share the hints and doc how > to use that? > > Thanks & Regards . Götz > > -- Dr. Christian Naumer Research Scientist Plattform-Koordinator Bioprozesstechnik B.R.A.I.N Aktiengesellschaft Darmstaedter Str. 34-36, D-64673 Zwingenberg e-mail c...@brain-biotech.de, homepage www.brain-biotech.de fon +49-6251-9331-30 / fax +49-6251-9331-11 Sitz der Gesellschaft: Zwingenberg/Bergstrasse Registergericht AG Darmstadt, HRB 24758 Vorstand: Dr. Juergen Eck (Vorsitzender), Frank Goebel Aufsichtsratsvorsitzender: Dr. Ludger Mueller -- users@sogo.nu https://inverse.ca/sogo/lists