LDAP in 2.9.2

In this board you can talk about general questions about phpMyFAQ

Moderator: Thorsten

mmcgrath
Posts: 38
Joined: Wed Jul 10, 2013 9:31 pm

LDAP in 2.9.2

Post by mmcgrath » Thu Jul 14, 2016 2:34 pm

I upgraded to 2.9.2 and LDAP is no longer working. It worked fine in 2.8.18.

The proper values are in config/ldap.php.

Permission level is medium and Enable LDAP support is checked under Security.

What logs would I be able to look at to help troubleshoot this?

Thorsten
Posts: 14754
Joined: Tue Sep 25, 2001 11:14 am
Location: #phpmyfaq
Contact:

Re: LDAP in 2.9.2

Post by Thorsten » Thu Jul 14, 2016 3:27 pm

Hi,

do you get any errors?

bye
Thorsten
phpMyFAQ Maintainer and Lead Developer
amazon.de Wishlist

mmcgrath
Posts: 38
Joined: Wed Jul 10, 2013 9:31 pm

Re: LDAP in 2.9.2

Post by mmcgrath » Thu Jul 14, 2016 3:28 pm

Just "Wrong login name or password."

Thorsten
Posts: 14754
Joined: Tue Sep 25, 2001 11:14 am
Location: #phpmyfaq
Contact:

Re: LDAP in 2.9.2

Post by Thorsten » Thu Jul 14, 2016 3:31 pm

Hi,

you can try to look into the logs of your LDAP server and try to enable the debug mode in phpMyFAQ in inc/Bootstrap.php

bye
Thorsten
phpMyFAQ Maintainer and Lead Developer
amazon.de Wishlist

mmcgrath
Posts: 38
Joined: Wed Jul 10, 2013 9:31 pm

Re: LDAP in 2.9.2

Post by mmcgrath » Wed Jul 20, 2016 7:40 pm

Thorsten -

I enabled debug mode and when I attempt to login via LDAP I receive the following:

phpMyFAQ warning [2]: constant(): Couldn't find constant 17 in /var/www/faq/inc/PMF/Ldap.php on line 120

I'm no programmer, so I don't know what to make of line 120....

Code: Select all

117         // optionally set Bind version
118         if (isset($this->_ldapConfig['ldap_options'])) {
119             foreach ($this->_ldapConfig['ldap_options'] as $key => $value) {
120                 if (!ldap_set_option($this->ds, constant($key), $value)) {
121                     $this->errno = ldap_errno($this->ds);
122                     $this->error = sprintf(
123                         'Unable to set LDAP option "%s" to "%s" (Error: %s).',
124                         $key,
125                         $value,
126                         ldap_error($this->ds)
127                     );
128
129                     return false;
130                 }
131             }
132         }
Thanks!

Max

Thorsten
Posts: 14754
Joined: Tue Sep 25, 2001 11:14 am
Location: #phpmyfaq
Contact:

Re: LDAP in 2.9.2

Post by Thorsten » Thu Jul 21, 2016 6:51 am

Hi,

change this line

Code: Select all

if (!ldap_set_option($this->ds, constant($key), $value)) {
to

Code: Select all

if (!ldap_set_option($this->ds, $key, $value)) {
It should be also fixed since 2.9.1, but I will double check that.

bye
Thorsten
phpMyFAQ Maintainer and Lead Developer
amazon.de Wishlist

Thorsten
Posts: 14754
Joined: Tue Sep 25, 2001 11:14 am
Location: #phpmyfaq
Contact:

Re: LDAP in 2.9.2

Post by Thorsten » Thu Jul 21, 2016 6:55 am

Hi,

I forgot something. How does your config/constants_ldap.php file look like?

bye
Thorsten
phpMyFAQ Maintainer and Lead Developer
amazon.de Wishlist

mmcgrath
Posts: 38
Joined: Wed Jul 10, 2013 9:31 pm

Re: LDAP in 2.9.2

Post by mmcgrath » Thu Jul 21, 2016 2:29 pm

Code: Select all

// Datamapping - in this example for an ADS
$PMF_LDAP['ldap_mapping'] = array (
    'name'     => 'cn',
    'username' => 'cn',
    'mail'     => 'mail'
);

// In a multi-domain environment, users may enter a prefix as domain, e.g. "DOMAIN\username"
// If possible, you should use the Microsoft Global Catalog as LDAP-Server, which comes
// with every ADS-Installation.
$PMF_LDAP['ldap_use_domain_prefix'] = false;

// LDAP-options to set
// refer to the documentation of ldap_set_option() for information on available options
$PMF_LDAP["ldap_options"] = array (
    LDAP_OPT_PROTOCOL_VERSION => 3,
    LDAP_OPT_REFERRALS        => 0
);

// Option for adding a check on LDAP groups
// Default: false
$PMF_LDAP['ldap_use_memberOf'] = false;
$PMF_LDAP['ldap_mapping']['memberOf'] = 'cn=pfadmins,o=carthage';

// Option for binding to LDAP directory using SASL
// Default: false
$PMF_LDAP['ldap_use_sasl'] = false;

// Option to use multiple LDAP servers
// Default: false
$PMF_LDAP['ldap_use_multiple_servers'] = false;

// Option to use anonymous LDAP connection (without username and password)
// Default: false
$PMF_LDAP['ldap_use_anonymous_login'] = false;

Thorsten
Posts: 14754
Joined: Tue Sep 25, 2001 11:14 am
Location: #phpmyfaq
Contact:

Re: LDAP in 2.9.2

Post by Thorsten » Thu Jul 21, 2016 7:32 pm

Hi,

please revert my "fix" and use the constants_ldap.php file from phpMyFAQ 2.9.2. When it's working again.

bye
Thorsten
phpMyFAQ Maintainer and Lead Developer
amazon.de Wishlist

mmcgrath
Posts: 38
Joined: Wed Jul 10, 2013 9:31 pm

Re: LDAP in 2.9.2

Post by mmcgrath » Fri Jul 22, 2016 10:01 pm

Thorsten -

I don't follow you.

I did not make any changes yet -- should stay as is and NOT make any changes?

I am currently running 2.9.2 -- so wouldn't I already be using the constants_ldap.php from 2.9.2?

Max

Thorsten
Posts: 14754
Joined: Tue Sep 25, 2001 11:14 am
Location: #phpmyfaq
Contact:

Re: LDAP in 2.9.2

Post by Thorsten » Tue Jul 26, 2016 6:46 pm

Hi,

your constant_ldap.php file is the wrong one, this is the right one:

https://github.com/thorsten/phpMyFAQ/bl ... s_ldap.php

bye
Thorsten
phpMyFAQ Maintainer and Lead Developer
amazon.de Wishlist

luiz.vendrame
Posts: 4
Joined: Thu Jul 28, 2016 9:48 pm

Re: LDAP in 2.9.2

Post by luiz.vendrame » Thu Jul 28, 2016 9:50 pm

Hi All,

I've tryied this modification but It didn't work.
Does anyone have configured succesfully ldap?

att,
att,
Luiz Vendrame
ITIL v3 Certified, Green It Certified

mmcgrath
Posts: 38
Joined: Wed Jul 10, 2013 9:31 pm

Re: LDAP in 2.9.2

Post by mmcgrath » Thu Jul 28, 2016 10:07 pm

I've tried it as well and I still am not working.

Thorsten
Posts: 14754
Joined: Tue Sep 25, 2001 11:14 am
Location: #phpmyfaq
Contact:

Re: LDAP in 2.9.2

Post by Thorsten » Fri Jul 29, 2016 6:27 am

Hi,

please turn on the DEBUG MODE in inc/Bootstrap.php and post the error messages here.

Thanks in advance!

bye
Thorsten
phpMyFAQ Maintainer and Lead Developer
amazon.de Wishlist

luiz.vendrame
Posts: 4
Joined: Thu Jul 28, 2016 9:48 pm

Re: LDAP in 2.9.2

Post by luiz.vendrame » Fri Jul 29, 2016 12:50 pm

phpMyFAQ warning [2]: ldap_bind(): Unable to bind to server: Invalid credentials in C:\wamp\www\phpmyfaq\inc\PMF\Ldap.php on line 179

These are the config i've tryed

<?php
$PMF_LDAP['ldap_server'] = '10.0.10.150';
$PMF_LDAP['ldap_port'] = '389';
$PMF_LDAP['ldap_user'] = 'ssouser';
$PMF_LDAP['ldap_password'] = 'XXXXXXXXX';
$PMF_LDAP['ldap_base'] = 'dc=aps,dc=ti';

Another One

<?php
$PMF_LDAP['ldap_server'] = '10.0.10.150';
$PMF_LDAP['ldap_port'] = '389';
$PMF_LDAP['ldap_user'] = 'CN=ssouser,OU=Usuarios Outros,DC=APS,DC=TI';
$PMF_LDAP['ldap_password'] = 'XXXXXXXXX';
$PMF_LDAP['ldap_base'] = 'dc=aps,dc=ti';


Another One


<?php
$PMF_LDAP['ldap_server'] = '10.0.10.150';
$PMF_LDAP['ldap_port'] = '389';
$PMF_LDAP['ldap_user'] = 'ssouser';
$PMF_LDAP['ldap_password'] = 'XXXXXXX';
$PMF_LDAP['ldap_base'] = 'OU=Usuarios Outros,dc=aps,dc=ti';


Just to certify: I'm already using the same config (IP, User, Pass and BaseDN )in another application to login at my Active Directory.

All of them are still not working
att,
Luiz Vendrame
ITIL v3 Certified, Green It Certified

Post Reply