Frequently Asked Question
How do I use LDAPS?
Last Updated 3 years ago
(If you are not CBC, you probably don't need any of this information, but it has been included for completeness)
GEWIS has two servers that support LDAPs. To be able to use LDAPs, you need an account to verify credentials. DO NOT USE PERSONAL ACCOUNTS TO BIND TO THE SERVER.
Please also note that for security reasons, LDAP connections
Please use the following details for connecting:
| LDAP with STARTTLS | LDAP with SSL (LDAPS) | ||
|---|---|---|---|
| Server | ldaps.gewis.nl | ldaps.gewis.nl | |
| Port | 389 | 636 | |
| Encryption type | STARTTLS | Implicit SSL | |
Bind user / | CN=[username],CN=Service accounts,DC=gewiswg,DC=gewis,DC=nl | ||
| Bind password | [password] | ||
| Search attribute username / username attribute | sAMAccountName | ||
| (Search) Base DN | Lookup all users: DC=gewiswg,DC=gewis,DC=nl Classic accounts: CN=Users,DC=gewiswg,DC=gewis,DC=nl Member accounts: CN=Member accounts,DC=gewiswg,DC=gewis,DC=nl | ||
| (Search) Base DN groups | Lookup all users: DC=gewiswg,DC=gewis,DC=nl Classic accounts: CN=Users,DC=gewiswg,DC=gewis,DC=nl Member accounts: CN=Groups,DC=gewiswg,DC=gewis,DC=nl | ||
CA certificate | Let's Encrypt is used, which should be trusted. For now, we are using RSA2048 https://crt.sh/?id=9314791 + certificate is attached (R3+X1) | ||