optional => 1,
},
+ sslversion => {
+ description => "LDAPS ssl version.",
+ type => 'string',
+ enum => [qw(tlsv1 tlsv1_1 tlsv1_2)],
+ optional => 1,
+ },
default => {
description => "Use this as default realm",
type => 'boolean',
domain => {},
port => { optional => 1 },
secure => { optional => 1 },
+ sslversion => { optional => 1 },
default => { optional => 1 },,
comment => { optional => 1 },
tfa => { optional => 1 },
$ad_args{verify} = 'none';
}
+ if ($config->{secure}) {
+ $ad_args{sslversion} = $config->{sslversion} ? $config->{sslversion} : 'tlsv1_2';
+ }
+
my $ldap = Net::LDAP->new($conn_string, %ad_args) || die "$@\n";
$username = "$username\@$config->{domain}"
user_attr => {},
port => { optional => 1 },
secure => { optional => 1 },
+ sslversion => { optional => 1 },
default => { optional => 1 },
comment => { optional => 1 },
tfa => { optional => 1 },
$ldap_args{verify} = 'none';
}
+ if ($config->{secure}) {
+ $ldap_args{sslversion} = $config->{sslversion} ? $config->{sslversion} : 'tlsv1_2';
+ }
+
my $ldap = Net::LDAP->new($conn_string, %ldap_args) || die "$@\n";
if (my $bind_dn = $config->{bind_dn}) {