I’m new to this community and this product, but a long time sysadmin.
I have trouble setting LDAPS with our LoginLDAP plugin on our Matomo instance.
What has been tested :
- LDAP authentication on RODC in non-SSL setting is working perfectly (port 389).
- The RODC server is listening on port 636.
- Firewall port 636 is opened on RODC.
What I don’t know how to do and that I think is necessary for make it work :
- Configure CACERT.PEM library file to include internal root CA certificate.
- Add a Computer certificate to Matomo config so the system will use to authenticate with RODC.
I’m pretty sure this is what is missing. I’ve searched extensively, but did not find a defined procedure to help me configure it correctly. We need to use LDAPS since our politics severely condemn non-secure LDAP connections.
I’ve joined the log line that states the failure in the process. I can provide any more info as necessary. Thank you SOOOO much in advance for any help you might be able to provide.
WARNING LoginLdap[2020-01-13 17:41:23 UTC] [78c74] D:\wwwroot\Matomo\plugins\LoginLdap\Ldap\Client.php(146): Warning - ldap_bind(): Unable to bind to server: Can't contact LDAP server - Matomo 3.13.0 - Please report this message in the Matomo forums: https://forum.matomo.org (please do a search first as it might have been reported already) [internal function]: Piwik\ErrorHandler::errorHandler(),#1\plugins\LoginLdap\Ldap\Client.php(146),#2\plugins\LoginLdap\Model\LdapUsers.php(591),#3\plugins\LoginLdap\Model\LdapUsers.php(276),#4\plugins\LoginLdap\Model\LdapUsers.php(506),#5\plugins\LoginLdap\Model\LdapUsers.php(279),#6\plugins\LoginLdap\API.php(98),[internal function]: Piwik\Plugins\LoginLdap\API->getCountOfUsersMemberOf(),#8\core\API\Proxy.php(237),#9\core\Context.php(28)