The CA Cert is imported into the systemwide certificate store (via /etc/pki/ca-trust/source/anchors/) and is marked as valid when i run openssl s_client -connect. OpenSSL version installed:
Installed Packages
Name : openssl
Arch : x86_64
Epoch : 1
Version : 1.0.2k
Release : 19.el7
Size : 814 k
Repo : installed
From repo : base
OS is: CentOS Linux release 7.7.1908
Seafile version: 7.0.5
I’d like to mention that my LDAP Server is MS AD on Windows Server 2016. LDAPS is necessary due to the upcoming disabling of the plain-text LDAP protocol.
According to the manual I don’t have to because I’m using Centos 7:
The current version of Seafile Linux server package is compiled on CentOS
But since different Linux distributions have different path or configuration for OpenSSL library, sometimes Seafile is unable to connect to the directory server with TLS.
I assumed, I won’t have to move the libraries because I’m not using a different Linux distribution.
We use seafile on Scientific Linux 7 with an openldap server. ldaps is no problem. The only difference is, that our CA certificates are stored under /etc/pki/tls/certs.
[LDAP_SYNC]
ENABLE_GROUP_SYNC = true
GROUP_OBJECT_CLASS = group
ROLE_NAME_ATTR = title
ENABLE_USER_SYNC = true
ACTIVATE_USER_WHEN_IMPORT = true
DEACTIVE_USER_IF_NOTFOUND = true
SYNC_INTERVAL = 60
USER_OBJECT_CLASS = person
ENABLE_EXTRA_USER_INFO_SYNC = true
FIRST_NAME_ATTR = givenName
LAST_NAME_ATTR = sn
USER_NAME_REVERSE = true
UID_ATTR = sAMAccountName
Lib folder below:
ls libnspr4.so
Display all 106 possibilities? (y or n)
I am not finding libnssutil3.so file
The LDAP account import to Seafile successfully, but LDAP user could not logon, ccnet log below:
[03/12/20 00:13:36] user-mgr.c(1506): Cannot find user aaaa in LDAP.
[03/12/20 00:15:12] user-mgr.c(1506): Cannot find user aaaa in LDAP.