server/sources/ldapuser.py
changeset 5408 120db445c179
parent 5328 c51e8f62652a
parent 5407 7730796f9506
child 5423 e15abfdcce38
--- a/server/sources/ldapuser.py	Fri Apr 23 17:56:01 2010 +0200
+++ b/server/sources/ldapuser.py	Mon Apr 26 16:31:46 2010 +0200
@@ -67,7 +67,6 @@
           'help': 'ldap protocol (allowed values: ldap, ldaps, ldapi)',
           'group': 'ldap-source', 'level': 1,
           }),
-
         ('auth-mode',
          {'type' : 'choice',
           'default': 'simple',
@@ -422,6 +421,9 @@
             hostport = self.host
         self.info('connecting %s://%s as %s', self.protocol, hostport,
                   user and user['dn'] or 'anonymous')
+        # don't require server certificate when using ldaps (will
+        # enable self signed certs)
+        ldap.set_option(ldap.OPT_X_TLS_REQUIRE_CERT, ldap.OPT_X_TLS_NEVER)
         url = LDAPUrl(urlscheme=self.protocol, hostport=hostport)
         conn = ReconnectLDAPObject(url.initializeUrl())
         # Set the protocol version - version 3 is preferred