diff options
| -rw-r--r-- | modules/sympa/templates/auth.conf | 4 | ||||
| -rw-r--r-- | modules/sympa/templates/data_sources/ldap_group.incl | 3 | ||||
| -rw-r--r-- | modules/sympa/templates/search_filters/group.ldap | 4 |
3 files changed, 8 insertions, 3 deletions
diff --git a/modules/sympa/templates/auth.conf b/modules/sympa/templates/auth.conf index 203dfe7c..854fdf9c 100644 --- a/modules/sympa/templates/auth.conf +++ b/modules/sympa/templates/auth.conf @@ -6,7 +6,9 @@ ldap get_dn_by_email_filter (|(mail=[sender])(mailalternateaddress=[sender])) email_attribute mail scope sub - use_ssl 1 + use_tls ldaps + ssl_version tlsv1_2 + ca_verify none bind_dn cn=sympa-<%= hostname %>,ou=System Accounts,<%= dc_suffix %> bind_password <%= scope.lookupvar("sympa::server::ldap_password") %> authentication_info_url <%= authentication_info_url %> diff --git a/modules/sympa/templates/data_sources/ldap_group.incl b/modules/sympa/templates/data_sources/ldap_group.incl index f6283d2f..609a7e42 100644 --- a/modules/sympa/templates/data_sources/ldap_group.incl +++ b/modules/sympa/templates/data_sources/ldap_group.incl @@ -1,7 +1,8 @@ include_ldap_2level_query host ldap.<%= domain %> - use_ssl yes + use_tls ldaps ssl_version tlsv1_2 + ca_verify none user cn=sympa-<%= hostname %>,ou=System Accounts,<%= dc_suffix %> passwd <%= scope.lookupvar("sympa::server::ldap_password") %> suffix1 ou=Group,<%= dc_suffix %> diff --git a/modules/sympa/templates/search_filters/group.ldap b/modules/sympa/templates/search_filters/group.ldap index b4dc7117..884e0db1 100644 --- a/modules/sympa/templates/search_filters/group.ldap +++ b/modules/sympa/templates/search_filters/group.ldap @@ -1,7 +1,9 @@ host ldap.<%= domain %>:636 bind_dn cn=sympa-<%= hostname %>,ou=System Accounts,<%= dc_suffix %> bind_password <%= scope.lookupvar("sympa::server::ldap_password") %> -use_ssl yes +use_tls ldaps +ssl_version tlsv1_2 +ca_verify none suffix ou=People,<%= dc_suffix %> filter (&(mail=[sender])(memberOf=cn=<%= name %>,ou=Group,<%= dc_suffix %>)) scope sub |