LDAPS and Moodle

by Jesse Marsh -

A couple of weeks ago I had a working install of Moodle, then we moved to LDAPS only (instead of also allowing LDAP) and I learned that there was an unforeseen issue with that. The question I am asking has been asked and answered, but either because of my understanding or configuration, the solutions are not working.

Issue:
When I attempt to get into Moodle using an LDAP user I get "LDAP-module cannot connect to any servers: Server: 'ldaps.*********.edu', Connection: 'Resource id #88', Bind result:". I know for a fact it is not a networking or URL or something like that since I can use another service on the same server also using LDAPS. The issue is a certificate issue.

The solution (from research of documentation and other threads) is to ignore certs or load certs, to simply state it. I would prefer to load certificates. Ignore by adding the line "TLS_REQCERT never" to C:\OpenLDAP\sysconf\ldap.conf and restarting IIS. Doesn't work for my situation, same error. Or you can add the certs by adding the line "TLS_CACERT C:\openldap\sysconf\certs.pem", then adding an appended PEM file of certs to that folder; mine looks approximately like below. This also did not work.

This may be an OpenSSL or OpenLDAP issue on my server; C:\OpenLDAP did not exist, I had to create it?

(certs.pem File, for certs being used by LDAPS server)
-----BEGIN CERTIFICATE-----
(Server Cert)
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
(Intermediate Cert)
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
(Root Cert)
-----END CERTIFICATE-----


My Moodle/Web server:
Windows Server 2008 R2
IIS 7.0
PHP 5.3.19
Moodle

LDAPS Server: is a separate server part of AD.

In reply to Jesse Marsh

Re: LDAPS and Moodle

by Mark Hall -

Is your LDAPS server a domain controller? If so, use the links below for self-signed or third party certificates.

Do you have a third party certificate or a self-signed certificate?

Try the article below for third party certificate:

http://support.microsoft.com/kb/321051

Try the article below for self-signed certificate:

http://www.javaxt.com/Tutorials/Windows/How_to_Enable_LDAPS_in_Active_Directory
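
An added example (not part of either post, and not Moodle or OpenLDAP code): a small Python lint for the two ldap.conf settings discussed in the question, TLS_REQCERT and TLS_CACERT. It flags a TLS_REQCERT value that does not enforce validation and checks that the TLS_CACERT file is readable and that each PEM block holds base64 data. The function names and sample inputs are constructed for illustration, and the check is structural only: it does not validate the certificate chain.

```python
import base64
import re

PEM_BLOCK = re.compile(
    r"-----BEGIN CERTIFICATE-----(.*?)-----END CERTIFICATE-----", re.S)

def parse_ldap_conf(text):
    """Return {KEYWORD: value} from ldap.conf text; keywords are case-insensitive."""
    opts = {}
    for line in text.splitlines():
        parts = line.strip().split(None, 1)
        if parts and not parts[0].startswith("#"):
            opts[parts[0].upper()] = parts[1].strip() if len(parts) > 1 else ""
    return opts

def count_der_blocks(bundle):
    """Count PEM blocks whose body is strict base64 starting with an ASN.1
    SEQUENCE tag (0x30). Structural check only, not chain validation."""
    good = 0
    for body in PEM_BLOCK.findall(bundle):
        try:
            der = base64.b64decode("".join(body.split()), validate=True)
        except ValueError:  # binascii.Error subclasses ValueError
            continue
        good += der[:1] == b"\x30"
    return good

def lint(conf_text, read_file):
    """read_file(path) returns the bundle text or raises OSError."""
    opts = parse_ldap_conf(conf_text)
    findings = []
    if opts.get("TLS_REQCERT", "").lower() in ("never", "allow"):
        findings.append("TLS_REQCERT does not enforce server certificate validation")
    path = opts.get("TLS_CACERT")
    if not path:
        return findings + ["TLS_CACERT is not set"]
    try:
        bundle = read_file(path)
    except OSError:
        return findings + ["TLS_CACERT file is not readable: " + path]
    total = bundle.count("-----BEGIN CERTIFICATE-----")
    good = count_der_blocks(bundle)
    if good == 0 or good != total:
        findings.append("%d of %d certificate blocks decode as DER" % (good, total))
    return findings

if __name__ == "__main__":
    conf = "TLS_REQCERT never\nTLS_CACERT C:\\openldap\\sysconf\\certs.pem\n"
    # Constructed bundle: a literal placeholder where base64 data belongs.
    bad = "-----BEGIN CERTIFICATE-----\n(Root Cert)\n-----END CERTIFICATE-----\n"
    print(lint(conf, lambda p: bad))
```

To run it against a real configuration, pass the contents of ldap.conf and a reader such as `lambda p: open(p).read()`.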