AD over SSL using Net/LDAP?


#1

Has anybody gotten Net/LDAP (0.4) to work with AD over SSL? I can
connect without SSL, but not able to connect with SSL even though nmap
shows that port 636 is listening. In fact I can connect using openssl,
which reveals it’s a self-signed cert.


#2

On 5/10/07, Amos removed_email_address@domain.invalid wrote:

Has anybody gotten Net/LDAP (0.4) to work with AD over SSL? I can
connect without SSL, but not able to connect with SSL even though nmap
shows that port 636 is listening. In fact I can connect using openssl,
which reveals it’s a self-signed cert.

At least one of my commercial clients has done exactly this. Are you
sending
the correct encryption parameters to Net::LDAP#new/#open? Also, if you
get
the head revision of Net::LDAP from rubyforge, you’ll find that
Kouhei S. has added support for the LDAP STARTTLS verb (documentation
is
in the rdoc). This of course eliminates the need for a separate port.