Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Connect » OSX 10.5.5: No SLL on LDAP what-so-ever! (Directory Utility does ONLY use port 389!)

Messages: 520

Karma: 3
Send a private message to this user
Hi All,

Having just spend most of the day getting a new Kerio install workig at a customer, I've now come to the following conclusion:

OSX 10.5.5 Directury utility does NOT, I repeat: NOT, respect any change in portnumber or SSL settings. It will ONLY connect to port 389!

I would very much like to be proven wrong, but:
1: Settings in the LDAP server seems to stick to port 389. I can Only get DirUtil to be green if that port is open in the firewall, and then dscl in Terminal will also connect.

2: Blocking port 389 in FW (on server) stops D.U. in validating the OD

3: Stopping the LDAP service in Kerio, leaving Secure LDAP running, setting D.U. to use SSL, stops it from connecting.

4: I have tried this with both manually setting it up and using the Kerio iCal-Auto config installer. No difference!

If anyone can prove me wrong, please, please try (with steps to get it working with SSL)...



Jakob Peterhänsel
Consultant - Humac A/S

Apple Certified Support Professional (ACSP)
Apple Certified Technical Coordinator (ACTC)
AppleSeed/CQF member since 1998
Kerio Messaging Partner
Pavel Dobry (Kerio)

Messages: 5245
Karma: 251
Send a private message to this user
Directory Utility requires port 389 in order to show green light. But it is just a light (green/yellow) - it does not affect functionality. Only red light does.
So, DU will try to connect *also* to port 389 even if you select SSL (it will try both ports).

DU is highly sensitive to DNS and LDAP setting. For example, hostname in DU setting must have valid A record, PTR record for the IP address must contain a name which also has a valid A record.

Messages: 26
Karma: 0
Send a private message to this user
I'm also having trouble getting to work after the update. we used the ical auto setup app to automatically setup directory to point to our KMS installation for contact lookup/autocomplete in ical.

oddly we got it to work on one machine, but the rest fail. on all the machines that fail though, directory has a green light, indicating it can contact the server fine. but if you then launch, it immediately reports it is unable to connect.

can't find where the problem is here, especially since it IS working on one machine, yet every other machine i've tried it doesn't work.

and yes, both port 636 and 389 are open on the firewall.
Previous Topic: McAfee not Loaded (MacOS X)
Next Topic: Tested KMS for 3 weeks - will not use it
Goto Forum:

Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Sat Nov 18 17:05:04 CET 2017

Total time taken to generate the page: 0.00461 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.