Does Lasso 9 ldap support ldaps or must I use sys_process?

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

Does Lasso 9 ldap support ldaps or must I use sys_process?

stevepiercy
Does the Lasso 9 `ldap` type support LDAPS?

If not, is `sys_process` my only option?

And if `sys_process` is my only option, does anyone have a
working example of LDAPS for Lasso 9?

The sample code here, slightly modified, fails on connection.
http://lassoguide.com/operations/ldap.html#ldap-methods

     local(my_ldap) = ldap
     // 636 is secure port
     #my_ldap->open('my.ldap.com',636)
     fail_if(#my_ldap->code != 0, #my_ldap->code, 'LDAP Error '
+ #my_ldap->code)
     #my_ldap->authenticate('myusername', 'mysecretpassword')
     fail_if(#my_ldap->code != 0, #my_ldap->code, 'LDAP Error '
+ #my_ldap->code)
     #my_ldap->search('ou=People,o=myorg', ldap_scope_subtree, '(objectClass=*)')
     fail_if(#my_ldap->code != 0, #my_ldap->code, 'LDAP Error '
+ #my_ldap->code)
     local(my_result) = #my_ldap->results
     #my_ldap->close

Not having a proper default certificate bundle installed might
be part of the issue.

When I use curl on the production environment, I must the `-k` option.

[spiercy@production ~]$ curl
"ldaps://my.ldap.com:636/ou=People,o=myorg" -u
"cn=GeneralLookupAccount,ou=LookupAccounts,ou=sa,o=myorg" -k
(list of CAs elided)
DN: ou=People,o=myorg
     objectClass: organizationalUnit
     objectClass: ndsLoginProperties
     objectClass: ndsContainerLoginProperties
     objectClass: Top

--steve

-- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
Steve Piercy              Website Builder              Soquel, CA
<[hidden email]>               <http://www.stevepiercy.com/>


#############################################################

This message is sent to you because you are subscribed to
  the mailing list Lasso [hidden email]
Official list archives available at http://www.lassotalk.com
To unsubscribe, E-mail to: <[hidden email]>
Send administrative queries to  <[hidden email]>