diff -urN ../z-push-2.6.0.orig/src/backend/searchldap/config.php ./src/backend/searchldap/config.php
--- ../z-push-2.6.0.orig/src/backend/searchldap/config.php	2019-10-23 00:40:47.036096000 +0300
+++ ./src/backend/searchldap/config.php	2020-05-09 01:26:14.672239000 +0300
@@ -27,6 +27,11 @@
 // LDAP host and port
 define("LDAP_HOST", "ldap://127.0.0.1/");
 define("LDAP_PORT", "389");
+define("LDAP_START_TLS", false);
+
+//define("LDAP_HOST", "ldaps://127.0.0.1/");
+//define("LDAP_PORT", "636;
+//define("LDAP_DISABLE_REFERRALS", true);
 
 // Set USER and PASSWORD if not using anonymous bind
 define("ANONYMOUS_BIND", true);
diff -urN ../z-push-2.6.0.orig/src/backend/searchldap/searchldap.php ./src/backend/searchldap/searchldap.php
--- ../z-push-2.6.0.orig/src/backend/searchldap/searchldap.php	2019-10-23 00:40:47.036199000 +0300
+++ ./src/backend/searchldap/searchldap.php	2020-05-09 01:24:38.759120000 +0300
@@ -47,6 +47,19 @@
         $this->connection = @ldap_connect(LDAP_HOST, LDAP_PORT);
         @ldap_set_option($this->connection, LDAP_OPT_PROTOCOL_VERSION, 3);
 
+        if (defined('LDAP_DISABLE_REFERRALS') and (constant('LDAP_DISABLE_REFERRALS') === true)) {
+            @ldap_set_option($this->connection, LDAP_OPT_REFERRALS, 0);
+        }
+
+        if (defined('LDAP_START_TLS') and (constant('LDAP_START_TLS') === true)) {
+            if (! @ldap_start_tls($this->connection)) {
+                $ldap_errno = ldap_errno($this->connection);
+                $ldap_error = ldap_error($this->connection);
+                $this->connection = false;
+                throw new StatusException("BackendSearchLDAP(): Could not start TLS session with server (error ".$ldap_errno.": ".$ldap_error."). Search aborted.", SYNC_SEARCHSTATUS_STORE_CONNECTIONFAILED, null, LOGLEVEL_ERROR);
+            }
+        }
+
         // Authenticate
         if (constant('ANONYMOUS_BIND') === true) {
             if(! @ldap_bind($this->connection)) {