If an SSL connection is required to connect to LDAP and a self-signed SSL certificate is installed on the server, the connection will fail.
To avoid connection errors, perform the following steps before configuring synchronization:
- Connect to the server with the platform via SSH.
-
Create a directory for LDAP configuration:
mkdir /opt/ispsystem/ldap
-
Create an ldap.conf file in the /opt/ispsystem/ldap/ directory with the following content:
TLS_CACERT /etc/ssl/certs/ca-certificates.crt TLS_REQCERT never
-
Create a patch file /opt/ispsystem/ldap.yaml with the following content:
version: "3.5" services: ldap: volumes: - /opt/ispsystem/ldap/:/etc/ldap/
-
Apply the patch to the LDAP service:
VMmanager/usr/local/bin/vm add-patch -p=LDAP -f /opt/ispsystem/ldap.yaml
DCImanager 6/usr/local/bin/dci add-patch -p=LDAP -f /opt/ispsystem/ldap.yaml
After completing these steps, configure the synchronization according to the instructions in the article Synchronization with the LDAP directory.