LDAP SSL connection to AD failed

Hi all,
I’m confused with a AD SSL connection from a Seafile server (7) under CentOS 7.
I have added the following [LDAP] config in ccnet.conf, but got the message “user-mgr.c(242): ldap_initialize failed: Bad parameter to an ldap routine.”.
HOST = srvad.mydomain.local
USE_SSL = true
BASE = DC=mydomain,DC=local
USER_DN = userseafile@mydomain.local
PASSWORD = password
FILTER = memberOf=cn=GG_RW_SEAFILE,ou=Groupes,dc=mydomain,dc=local

Using ldapsarch, I can connect to AD and list users with the same options :
ldapsearch -h srvad.mydomain.local -x -W -D “userseafile@mydomain.local” -b “dc=mydomain,dc=local” “(memberOf=cn=GG_RW_SEAFILE,ou=Groupes,dc=mydomain,dc=local)” “Mail”

What I don’t understand, regarding user-mgr.c on Github, from line 242, is that this message is only possible “ifndef WIN32”. Does this mean “only on non-Windows OS” or am I wrong ? It is the case, I’m on CentOS. But in this case, line 245, USE_SSL is also used only on Windows system ? If we cannot use this option on a linux server, I tried “HOST = ldaps://srvad.mydomain.local”, but got the same error message.

Any idea to solve this (blocking) problem ?
Thanks all

You should use ldaps://srvad.mydomain.local

Hi Jonathan and thank you for quick answering.
Yes, after posting here and reading the source code, that was the conclusion I suspected. I’ve just deleted and recreated all the LDAP config with “ldaps://…”, and the connection pass ! For futur reference, this work, ON LINUX SERVER:
HOST = ldaps://srvad.mydomain.local
BASE = OU=Users,DC=mydomain,DC=local
USER_DN = userseafile@mydomain.local
PASSWORD = password
FILTER = memberOf=CN=GG_RW_SEAFILE,OU=Groups,DC=mydomain,DC=local

USE_SSL is not used and we need to add ldap(s):// to the HOST.
It’s also important to note that in the doc, the important sentence is : “BASE: (…) You cannot use the root DN (e.g. dc=example,dc=com) as BASE.”


If successful, a window is displayed listing information related to the active directory SSL connection. If the connection is unsuccessful, restart your system

Are you sure ? I had never had this window. Just, when the connection is successful, you can see all possible AD users in the tab “LDAP”.

If the test fail due to LDAP server configuration or certificate issue.