First, you need to install the DBMS_LDAP package to be able to use LDAP from an Oracle database at all:
-- Run from SQL*Plus on the database host: "/ AS SYSDBA" connects with
-- operating-system authentication and the SYSDBA privilege.
CONNECT / AS SYSDBA
-- "?" is SQL*Plus shorthand for ORACLE_HOME; this script installs DBMS_LDAP.
@?/rdbms/admin/catldap.sql
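Then install and configure stunnel, which accepts plain LDAP connections on the loopback interface and forwards them over TLS to the directory server: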
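$ apt-get install stunnel
# Write the service definition for the local LDAP-to-LDAPS tunnel.
$ cat <<EOF > /etc/stunnel/ldap.conf
; Client mode: accept plain connections locally, speak TLS to the remote side.
client = yes
[LDAPS-client]
; Loopback only, so the plaintext side of the tunnel is not reachable from the
; network. Any local process on this host can still connect to it.
accept = 127.0.0.1:389
connect = ldap.example.com:636
; stunnel does not validate the server certificate unless told to. Without the
; three options below the tunnel encrypts traffic but cannot tell the real
; directory server from an impostor, which would then receive the bind DN and
; password. Point CAfile at the CA that issued the LDAP server certificate if
; it is not in the system bundle. Older stunnel releases that lack verifyChain
; and checkHost use "verify = 2" with CAfile instead (chain check only).
verifyChain = yes
CAfile = /etc/ssl/certs/ca-certificates.crt
checkHost = ldap.example.com
EOF
# Debian ships stunnel disabled; enable the service (a .bak copy is kept).
$ sed -i.bak 's/ENABLED=0/ENABLED=1/' /etc/default/stunnel4
$ invoke-rc.d stunnel4 restart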
That’s it! Let’s test our configuration:
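SET SERVEROUTPUT ON
-- Smoke test for the tunnel: open an LDAP session through the local stunnel
-- endpoint, perform a simple bind, report success, and release the session.
DECLARE
  LDAPSession  DBMS_LDAP.session;  -- handle returned by DBMS_LDAP.init
  LDAPResult   PLS_INTEGER;        -- return code of bind / unbind calls
  -- Sample credentials from this example; replace with the account to test.
  LDAPUserDN   VARCHAR2(256) := 'cn=user,dc=example,dc=com';
  LDAPPassword VARCHAR2(256) := 'password';
BEGIN
  -- Make DBMS_LDAP raise exceptions on failure instead of returning error
  -- codes, so a failed bind can never fall through to the success message.
  DBMS_LDAP.use_exception := TRUE;

  -- Many directory servers treat a simple bind with a DN and an empty
  -- password as an unauthenticated bind and report success. Reject it here
  -- so an empty password is never mistaken for a valid login.
  -- (In Oracle an empty string is NULL, so this covers both cases.)
  IF LDAPPassword IS NULL THEN
    RAISE_APPLICATION_ERROR(-20001, 'Empty LDAP password rejected');
  END IF;

  -- Connect to the plaintext side of the stunnel tunnel; TLS to the real
  -- server is handled by stunnel, not by this session.
  LDAPSession := DBMS_LDAP.init(
    hostname => '127.0.0.1',
    portnum  => 389
  );

  LDAPResult := DBMS_LDAP.simple_bind_s(
    ld     => LDAPSession,
    dn     => LDAPUserDN,
    passwd => LDAPPassword
  );

  DBMS_Output.put_line('User authenticated!');
  LDAPResult := DBMS_LDAP.unbind_s(LDAPSession);
EXCEPTION
  WHEN OTHERS THEN
    -- Release the session if it was opened, then re-raise the original
    -- error. A failure of the cleanup itself is deliberately ignored so it
    -- does not mask the error that brought us here.
    IF LDAPSession IS NOT NULL THEN
      BEGIN
        LDAPResult := DBMS_LDAP.unbind_s(LDAPSession);
      EXCEPTION
        WHEN OTHERS THEN
          NULL;
      END;
    END IF;
    RAISE;
END;
/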
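Hint: for testing purposes you can also use socat. Note that verify=0 turns off certificate verification, so the server's identity is not checked; use this only with throwaway test credentials: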
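# bind=127.0.0.1 keeps the plaintext listener on loopback, matching the stunnel
# setup; without it socat listens on every interface. verify=0 skips
# certificate verification, so this relay is for testing only.
$ socat TCP-LISTEN:389,bind=127.0.0.1,reuseaddr,fork OPENSSL:ldap.example.com:636,verify=0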