mv /etc/ldap/ldap.conf /etc/ldap/ldap.conf.ori
nano ldap.conf
#Paste this in:

base ou=example,dc=school,dc=local
ldapsearch -D "uid=ldapuser,cn=users,ou=example,dc=school,dc=local" -x -W \
 
uri ldaps:///ldap.example.come:10636
ldap_version 3
 
binddn uid=ldapuser,cn=users,ou=example,dc=school,dc=local
 
 
bindpw pasword123
 
rootbinddn uid=ldapuser,cn=users,ou=example,dc=school,dc=local
 
pam_password md5
 
tls_cacertfile /etc/ssl/certs/ldapserver.pem

#Retrieve and save the certificate from the LDAP server
openssl s_client -connect ldap.example.com:10636 -showcerts </dev/null 2>/dev/null \
| openssl x509 -outform PEM > /usr/local/share/ca-certificates/ldapserver.crt
 
#Set permissions for the certificate file
sudo chmod 644 /usr/local/share/ca-certificates/ldapserver.crt
 
update-ca-certificates
 
#Test the LDAP connection with ldapsearch
ldapsearch -D "uid=ldapuser,cn=users,ou=example,dc=school,dc=local" -x -W \
-H ldaps://ldap.example.com:10636 -b "ou=example,dc=school,dc=local" uid=ldapuser 1.1
 
#Set the environment variable for Apache
sudo nano /etc/apache2/envvars
# Add at the end of the file:
export LDAPTLS_CACERT=/usr/local/share/ca-certificates/ldapserver.crt
 
#Restart Apache to apply the environment variable
sudo systemctl restart apache2
 
#Test the LDAP connection in ILIAS
 
# If there are issues, check Apache logs:
tail -f /var/log/apache2/error.log
 
# Check ILIAS logs:
tail -f /opt/iliasdata/log/ilias.log