LDAP connection assumes ldaps when using start_tls
I have an LDAP server running on FreeBSD that provides LDAP authentication to a set of machines running Linux. I have tried to set up my FreeNAS server to fetch user information from the LDAP server, but when changing the LDAP server status from OFF to ON in the FreeNAS GUI, the interface waits for about a minute then gives me a message that the connection could not be made.

To track down the problem, I SSHed into the FreeNAS server and examined the system log while trying to start the LDAP connection. From what I can see, FreeNAS is assuming that the LDAP server address is ldaps://..., meaning it is trying to contact the server on port 636. My LDAP server was set up using the instructions at https://www.freebsd.org/doc/en/articles/ldap-auth/ldap.html, where we are told to use ldap:// with start_tls, rather than ldaps://.

To examine the problem further, I turned off start_tls in the LDAP settings of the FreeNAS GUI and found that the system logs were now showing the connection to ldap://, but giving an error message to say that encryption is required, meaning that it contacted the server using the correct port, and the LDAP server has responded and complained that TLS was not being used.

To attempt to fix this, I kept the start_TLS option off in the FreeNAS GUI, but added the start TLS line to the additional options text box. I also tried adding a URI=ldap://... line and port 389 line to the options text box, but this text does not seem to make its way to the ldap.conf file in the FreeNAS box. I have not found a way to get FreeNAS to connect to ldap:// at port 389 using TLS.
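
The following check is an added example, not part of the original report and not FreeNAS code: it reads an ldap.conf and reports whether each URI's scheme agrees with the requested TLS mode, which is the mismatch described above. It assumes nss_ldap/pam_ldap-style `uri` and `ssl` keywords; the host name and sample files are constructed.

```python
from urllib.parse import urlsplit

def parse_conf(text):
    """Map lower-cased keyword -> value, ignoring blank lines and # comments."""
    conf = {}
    for raw in text.splitlines():
        parts = raw.split("#", 1)[0].split(None, 1)
        if parts:
            conf[parts[0].lower()] = parts[1].strip() if len(parts) > 1 else ""
    return conf

def check_transport(text):
    """Return (uri, finding) pairs describing how each URI would be secured."""
    conf = parse_conf(text)
    ssl_mode = conf.get("ssl", "off").lower()  # assumption: absent keyword means off
    findings = []
    for uri in conf.get("uri", "").split():
        scheme = urlsplit(uri).scheme.lower()
        if scheme == "ldap" and ssl_mode == "start_tls":
            findings.append((uri, "ok: StartTLS upgrade on an ldap:// connection"))
        elif scheme == "ldaps" and ssl_mode == "start_tls":
            findings.append((uri, "mismatch: start_tls requested but URI is ldaps://"))
        elif scheme == "ldaps":
            findings.append((uri, "ok: TLS from the first byte (LDAPS)"))
        elif scheme == "ldap":
            findings.append((uri, "no StartTLS: ldap:// without ssl start_tls"))
        else:
            findings.append((uri, "unknown scheme"))
    return findings

# Constructed samples; ldap.example.org is a placeholder host.
WANTED = "uri ldap://ldap.example.org\nssl start_tls\n"
SYMPTOM = "# mirrors the logged behaviour\nuri ldaps://ldap.example.org\nssl start_tls\n"
NO_TLS = "uri ldap://ldap.example.org:389\n"

if __name__ == "__main__":
    for name, text in (("wanted", WANTED), ("symptom", SYMPTOM), ("no_tls", NO_TLS)):
        for uri, finding in check_transport(text):
            print(f"{name}: {uri} -> {finding}")
```

Running it against the ldap.conf that the GUI actually writes shows which of the three cases the generated file falls into, independent of what the settings page displays.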