LDAP TLS negotiation error

I am trying to get LDAP authentication working and I am running into the following error:

root@nms01-eqch2
[/opt/librenms]# ./validate.php

Fatal error: LDAP TLS required but not successfully negotiated:Connect error

root@nms01-eqch2

The config for LDAP authentication looks like:

$config['auth_mechanism'] = "ldap";
$config['auth_ldap_version'] = 3;
$config['auth_ldap_server'] = "ord1-admin-ldap01.xxxx.net";
$config['auth_ldap_port'] = 389;
$config['auth_ldap_starttls'] = 'require';
$config['auth_ldap_suffix'] = ",ou=users,ou=posix,dc=xxx,dc=net";
$config['auth_ldap_prefix'] = "uid=";
$config['auth_ldap_groupbase'] = "ou=groups,ou=posix,dc=xxx,dc=net";
$config['auth_ldap_groups']['xxx']['level'] = 10;

I have confirmed that the correct package, php-ldap, has been installed for PHP 7.0. Any help on where to go next would be greatly appreciated.

Thank you.

Likely your AD server’s SSL certificate is not trusted.

Murrant… I forgot to import the LDAP certificate. All is good now. LibreNMS is now authenticating to LDAP for all user access.

Thank you.

-Patrick
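
A way to confirm the diagnosis above before and after importing the CA certificate, as an added example that is not part of the original thread: it runs the same StartTLS upgrade on port 389 with `openssl s_client` and classifies the verify result. The function names, the host and the CA path in the usage comment are placeholders made up for this example, and `-starttls ldap` assumes OpenSSL 1.1.1 or later.

```shell
#!/bin/sh
# Added example (not from the thread): check whether an LDAP server's
# StartTLS certificate is trusted by this host.

# Extract the numeric "Verify return code" from s_client output on stdin.
verify_code() {
    sed -n 's/^[[:space:]]*Verify return code: \([0-9][0-9]*\).*/\1/p' | head -n 1
}

# Map an OpenSSL verify code to what it means for a client that requires StartTLS.
explain_code() {
    case "$1" in
        0)           echo "trusted" ;;
        18|19|20|21) echo "untrusted-ca" ;;       # issuer not in the trust store
        10)          echo "expired" ;;
        62)          echo "hostname-mismatch" ;;  # name differs from auth_ldap_server
        "")          echo "no-tls" ;;             # no handshake took place
        *)           echo "other" ;;
    esac
}

# usage: check_starttls ldap.example.net 389 /path/to/ca.pem   (placeholders)
check_starttls() {
    host=$1; port=${2:-389}; cafile=$3
    set -- -connect "$host:$port" -starttls ldap -verify_hostname "$host"
    if [ -n "$cafile" ]; then set -- "$@" -CAfile "$cafile"; fi
    out=$(openssl s_client "$@" </dev/null 2>/dev/null)
    result=$(explain_code "$(printf '%s\n' "$out" | verify_code)")
    echo "$host:$port -> $result"
    [ "$result" = "trusted" ]
}

# Constructed sample of s_client output for a server whose CA is not imported.
SAMPLE_OUTPUT='SSL handshake has read 1523 bytes and written 421 bytes
    Verify return code: 20 (unable to get local issuer certificate)'
echo "sample -> $(explain_code "$(printf '%s\n' "$SAMPLE_OUTPUT" | verify_code)")"
```

If the result is `untrusted-ca`, the issuing CA certificate belongs in the system trust store: on Debian/Ubuntu copy it to `/usr/local/share/ca-certificates/` with a `.crt` extension and run `update-ca-certificates`; on RHEL/CentOS copy it to `/etc/pki/ca-trust/source/anchors/` and run `update-ca-trust`. Rerun the check afterwards and expect `trusted`.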

Sorry for commenting on a closed thread. I hope this gets to someone who can help me. I seem to be having a similar problem, but what I can’t do for the life of me is figure out where or how to import the LDAP certificate. Can you provide me some guidance?

We are talking about importing the certificate in Linux. Google that.

Hi Papatango,

Sorry to bug you, but how did you import the certificate? I am having the same problem.

Hello,

I have published a fix for LDAP. Could anyone test this fix? https://github.com/librenms/librenms/pull/10760

There are scripts to test PRs: ./scripts/github-apply 10760 to apply it, and ./scripts/github-remove -d to roll back to the original code.


Note: the fix is not about this issue, but I am trying to get someone to test my fix.