LDAP in 2.9.2

mmcgrath · Post by **mmcgrath** » Thu Jul 14, 2016 2:34 pm

I upgraded to 2.9.2 and LDAP is no longer working. It worked fine in 2.8.18.

The proper values are in config/ldap.php.

Permission level is medium and Enable LDAP support is checked under Security.

What logs would I be able to look at to help troubleshoot this?

Post by **Thorsten** » Thu Jul 14, 2016 3:27 pm

Hi,

do you get any errors?

bye
Thorsten

mmcgrath · Post by **mmcgrath** » Thu Jul 14, 2016 3:28 pm

Just "Wrong login name or password."

Post by **Thorsten** » Thu Jul 14, 2016 3:31 pm

Hi,

you can try to look into the logs of your LDAP server and try to enable the debug mode in phpMyFAQ in inc/Bootstrap.php

bye
Thorsten

mmcgrath · Post by **mmcgrath** » Wed Jul 20, 2016 7:40 pm

Thorsten -

I enabled debug mode and when I attempt to login via LDAP I receive the following:

phpMyFAQ warning [2]: constant(): Couldn't find constant 17 in /var/www/faq/inc/PMF/Ldap.php on line 120

I'm no programmer, so I don't know what to make of line 120....

Code: Select all

117         // optionally set Bind version
118         if (isset($this->_ldapConfig['ldap_options'])) {
119             foreach ($this->_ldapConfig['ldap_options'] as $key => $value) {
120                 if (!ldap_set_option($this->ds, constant($key), $value)) {
121                     $this->errno = ldap_errno($this->ds);
122                     $this->error = sprintf(
123                         'Unable to set LDAP option "%s" to "%s" (Error: %s).',
124                         $key,
125                         $value,
126                         ldap_error($this->ds)
127                     );
128
129                     return false;
130                 }
131             }
132         }

Thanks!

Max

Post by **Thorsten** » Thu Jul 21, 2016 6:51 am

Hi,

change this line

Code: Select all

if (!ldap_set_option($this->ds, constant($key), $value)) {

to

Code: Select all

if (!ldap_set_option($this->ds, $key, $value)) {

It should be also fixed since 2.9.1, but I will double check that.

bye
Thorsten

Post by **Thorsten** » Thu Jul 21, 2016 6:55 am

Hi,

I forgot something. How does your config/constants_ldap.php file look like?

bye
Thorsten

mmcgrath · Post by **mmcgrath** » Thu Jul 21, 2016 2:29 pm

Code: Select all

// Datamapping - in this example for an ADS
$PMF_LDAP['ldap_mapping'] = array (
    'name'     => 'cn',
    'username' => 'cn',
    'mail'     => 'mail'
);

// In a multi-domain environment, users may enter a prefix as domain, e.g. "DOMAIN\username"
// If possible, you should use the Microsoft Global Catalog as LDAP-Server, which comes
// with every ADS-Installation.
$PMF_LDAP['ldap_use_domain_prefix'] = false;

// LDAP-options to set
// refer to the documentation of ldap_set_option() for information on available options
$PMF_LDAP["ldap_options"] = array (
    LDAP_OPT_PROTOCOL_VERSION => 3,
    LDAP_OPT_REFERRALS        => 0
);

// Option for adding a check on LDAP groups
// Default: false
$PMF_LDAP['ldap_use_memberOf'] = false;
$PMF_LDAP['ldap_mapping']['memberOf'] = 'cn=pfadmins,o=carthage';

// Option for binding to LDAP directory using SASL
// Default: false
$PMF_LDAP['ldap_use_sasl'] = false;

// Option to use multiple LDAP servers
// Default: false
$PMF_LDAP['ldap_use_multiple_servers'] = false;

// Option to use anonymous LDAP connection (without username and password)
// Default: false
$PMF_LDAP['ldap_use_anonymous_login'] = false;

Post by **Thorsten** » Thu Jul 21, 2016 7:32 pm

Hi,

please revert my "fix" and use the constants_ldap.php file from phpMyFAQ 2.9.2. When it's working again.

bye
Thorsten

mmcgrath · Post by **mmcgrath** » Fri Jul 22, 2016 10:01 pm

Thorsten -

I don't follow you.

I did not make any changes yet -- should stay as is and NOT make any changes?

I am currently running 2.9.2 -- so wouldn't I already be using the constants_ldap.php from 2.9.2?

Max

Post by **Thorsten** » Tue Jul 26, 2016 6:46 pm

Hi,

your constant_ldap.php file is the wrong one, this is the right one:

https://github.com/thorsten/phpMyFAQ/bl ... s_ldap.php

bye
Thorsten

luiz.vendrame · Post by **luiz.vendrame** » Thu Jul 28, 2016 9:50 pm

Hi All,

I've tryied this modification but It didn't work.
Does anyone have configured succesfully ldap?

att,

mmcgrath · Post by **mmcgrath** » Thu Jul 28, 2016 10:07 pm

I've tried it as well and I still am not working.

Post by **Thorsten** » Fri Jul 29, 2016 6:27 am

Hi,

please turn on the DEBUG MODE in inc/Bootstrap.php and post the error messages here.

Thanks in advance!

bye
Thorsten

luiz.vendrame · Post by **luiz.vendrame** » Fri Jul 29, 2016 12:50 pm

phpMyFAQ warning [2]: ldap_bind(): Unable to bind to server: Invalid credentials in C:\wamp\www\phpmyfaq\inc\PMF\Ldap.php on line 179

These are the config i've tryed

<?php
$PMF_LDAP['ldap_server'] = '10.0.10.150';
$PMF_LDAP['ldap_port'] = '389';
$PMF_LDAP['ldap_user'] = 'ssouser';
$PMF_LDAP['ldap_password'] = 'XXXXXXXXX';
$PMF_LDAP['ldap_base'] = 'dc=aps,dc=ti';

Another One

<?php
$PMF_LDAP['ldap_server'] = '10.0.10.150';
$PMF_LDAP['ldap_port'] = '389';
$PMF_LDAP['ldap_user'] = 'CN=ssouser,OU=Usuarios Outros,DC=APS,DC=TI';
$PMF_LDAP['ldap_password'] = 'XXXXXXXXX';
$PMF_LDAP['ldap_base'] = 'dc=aps,dc=ti';

Another One

<?php
$PMF_LDAP['ldap_server'] = '10.0.10.150';
$PMF_LDAP['ldap_port'] = '389';
$PMF_LDAP['ldap_user'] = 'ssouser';
$PMF_LDAP['ldap_password'] = 'XXXXXXX';
$PMF_LDAP['ldap_base'] = 'OU=Usuarios Outros,dc=aps,dc=ti';

Just to certify: I'm already using the same config (IP, User, Pass and BaseDN )in another application to login at my Active Directory.

All of them are still not working

phpMyFAQ

LDAP in 2.9.2

LDAP in 2.9.2

Re: LDAP in 2.9.2

Re: LDAP in 2.9.2

Re: LDAP in 2.9.2

Re: LDAP in 2.9.2

Re: LDAP in 2.9.2

Re: LDAP in 2.9.2

Re: LDAP in 2.9.2

Re: LDAP in 2.9.2

Re: LDAP in 2.9.2

Re: LDAP in 2.9.2

Re: LDAP in 2.9.2

Re: LDAP in 2.9.2

Re: LDAP in 2.9.2

Re: LDAP in 2.9.2