This repository has been archived by the owner on Jul 24, 2023. It is now read-only.

can't contact ldap server on production server, works fine on Test server #790

MAELALE opened this issue Aug 17, 2021 · 0 comments

MAELALE commented Aug 17, 2021

  • Laravel Version: 8.26.1
  • Adldap2 Version: 10.3.1
  • PHP Version: 7.3.5
  • LDAP Type: OpenLDAP

I deploy my PHP code on 2 similar servers (Red Hat 8 with Apache server). One is for tests, the other one is for production.
I have no trouble on the testing server, my Laravel code with Adldap2 works fine, but I have the error "Can't contact ldap server" on the production server:

local.DEBUG: AuthenticatesUsers::attemptLogin {"BindException":"[object] (Adldap\Auth\BindException(code: -1): Can't contact LDAP server at /data/Myproject/vendor/adldap2/adldap2/src/Auth/Guard.php:107)

  1. On both servers I succeed in connecting to my LDAP through the command line with this kind of command:

ldapsearch -x -H ldap://myldap.com -D "LDAP_USERNAME" -W -b "my LDAP_BASE_DN" cn

  2. My .env file is the same on both servers. I tried with SSL or TLS without success (both protocols work fine on my testing server).

  3. The ldap.conf files are the same on both servers.

  4. I cleared all artisan caches on both servers in order to be sure that the last parameters from the .env file are set:

php artisan config:cache
php artisan config:clear
php artisan cache:clear

  5. I created a little PHP script to check the LDAP connection through the php command and it works (Successfully connected to LDAP !) on both servers too:

    <?php
    // Open a handle for the LDAP URI (placeholder host from the post).
    $ldapconn = ldap_connect("ldap://myldap.com")
        or die("Impossible to connect to the LDAP server.");

    // Bind with the service account; this is the first real network exchange.
    $ldapbind = ldap_bind($ldapconn, 'LDAP_USERNAME', 'LDAP_PASSWORD');

    // check binding
    if ($ldapbind) {
        echo "Successfully connected to LDAP !" . PHP_EOL;
        $dn = 'LDAP_BASE_DN';
        // One-level search for every entry that has a cn attribute.
        $sr = ldap_list($ldapconn, $dn, 'cn=*');
        if (false === $sr) {
            die('Impossible to use the dn: ' . $dn . PHP_EOL);
        }
        $info = ldap_get_entries($ldapconn, $sr);
        if ($info['count'] === 0) {
            die('No entries :(');
        }
        for ($i = 0; $i < $info["count"]; $i++) {
            echo $info[$i]["cn"][0] . PHP_EOL;
        }
    } else {
        // Print the extended error string returned by the LDAP library.
        $var = '';
        ldap_get_option($ldapconn, LDAP_OPT_ERROR_STRING, $var);
        echo "Connection to LDAP failed..." . PHP_EOL . $var . PHP_EOL;
    }

  6. On the production server, I tried to change an input directly in the Adldap2 source code. In /src/Connections/Ldap.php, function "bind", line 343, I changed:
    $this->connection,
    by
    ldap_connect("ldap://myldapserver.com"),

and the connection passed! So I think the trouble is linked to this, but I don't know what's wrong on my server.

What other points between the 2 servers could I check to solve my problem?
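
A staged probe for the comparison asked about above, added here as an example (it is not part of the original post and not Adldap2's code): it builds the URI from host, port and SSL/TLS flags, as a config-driven connection would, instead of the hard-coded `ldap://` URL used in the script above, and reports which stage fails. The ports and the three variants are assumptions; host and credentials are the post's placeholders.

```php
<?php
// Added diagnostic example; not Adldap2 code. Host and credentials are the
// post's placeholders; ports and variants below are assumptions to adapt.

function probeLdap(string $host, int $port, bool $ssl, bool $tls, string $user, string $pass): array
{
    // Build the URI from settings instead of hard-coding "ldap://host".
    $uri  = ($ssl ? 'ldaps://' : 'ldap://') . $host . ':' . $port;
    $conn = ldap_connect($uri); // validates the URI only; no packet is sent yet
    if ($conn === false) {
        return ['uri' => $uri, 'stage' => 'connect', 'ok' => false, 'error' => 'URI rejected'];
    }
    ldap_set_option($conn, LDAP_OPT_PROTOCOL_VERSION, 3); // StartTLS requires LDAPv3
    ldap_set_option($conn, LDAP_OPT_REFERRALS, 0);
    ldap_set_option($conn, LDAP_OPT_NETWORK_TIMEOUT, 5);  // fail fast on a filtered port

    // With StartTLS enabled, the first network round trip happens here.
    $stage = 'starttls';
    $ok    = $tls ? @ldap_start_tls($conn) : true;
    if ($ok) {
        $stage = 'bind';
        $ok    = @ldap_bind($conn, $user, $pass);
    }
    $detail = '';
    if (!$ok) {
        // Server- or TLS-library detail, e.g. a certificate verification failure.
        ldap_get_option($conn, LDAP_OPT_DIAGNOSTIC_MESSAGE, $detail);
    }
    $error = $ok ? '' : trim(ldap_error($conn) . ' ' . $detail);
    return ['uri' => $uri, 'stage' => $stage, 'ok' => $ok, 'error' => $error];
}

$variants = [ // name => [port, use SSL, use StartTLS]
    'plain'    => [389, false, false],
    'ldaps'    => [636, true,  false],
    'starttls' => [389, false, true],
];
foreach ($variants as $name => [$port, $ssl, $tls]) {
    $r = probeLdap('myldap.com', $port, $ssl, $tls, 'LDAP_USERNAME', 'LDAP_PASSWORD');
    printf('[%s] %-8s %s stage=%s %s' . PHP_EOL, php_sapi_name(), $name, $r['uri'],
        $r['stage'], $r['ok'] ? 'OK' : 'FAIL: ' . $r['error']);
}
```

Run it once with the `php` command and once through Apache on each server; the SAPI name in the first column shows which context produced each result.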
