Announcement

Collapse
No announcement yet.

Connecting EspoCRM to LDAP Error

Collapse
X
Collapse
 
  • Page of 1
  • Filter
  • Time
  • Show
Clear All
new posts
Previous template Next
  • #1

    Connecting EspoCRM to LDAP Error

    We have successfully installed EspoCRM via the script as a Docker image and with SSL/TLS certificates - the site is running perfectly and we have updated the certificates to our own and this also works as should.

    However, when trying to connect to our Windows AD LDAP server, selecting test connection gives us a 'Error 500' on the site and then "Can't contact LDAP server; getLastError: could not call ldap_get_option because LDAP resource was not of type resource" in our logs.

    Could this be to do with the SSL certificate? There is no option to 'ignore' this or allow it and continue the connection successfully as we have on other sites.

    Any help would be greatly appreciated.
    Tags: None
  • #2
    I would prefer a proper install (e.g. VM) rather than using docker in these circumstances.
    I suspect that the php extension for LDAP authentication is missing in the docker container because this extension is specified as optional.

    In addition, if you want to make an LDAPS (secure via port 636) connection to a Windows AD, you must make your Windows Certificate Authority known to the operating system (e.g. Debian) when using a self-signed certificate, after you have set up your local AD accordingly for LDAPS set up.

    Example Espo on Debian:
    Put the CA.crt file on the server to /usr/local/share/ca-certificates/YOUR_Certificate_Authority.crt and then run in the console:
    update-ca-certificates.
    The output should be 1 added.

    I have a template for an installation on Debian with Apache, PHP, MariaDB, Cron, LDAP(S), Websockets. If you need one write me a PM, it's written in German, but not too much.​

    Comment

    Previous template Next
    Working...
    X