Posted to dev@vcl.apache.org by Jonathon Taylor <jo...@csueastbay.edu> on 2010/02/08 20:09:45 UTC

LDAP Authentication

Hello,

We configured LDAP authentication when we originally installed our VCL
system.  It worked just fine, but now will not authenticate users and logs
an error.  Here is what we added to the authMecs array in conf.php.  I
added the affiliationid to the database and also uncommented the
@require_once line in the script.

"CSUEB NetID" => array("type" => "ldap",
                       "server" => "***.csueastbay.edu",
                       "binddn" => "ou=***,dc=csueastbay,dc=edu",
                       "userid" => "uid=%s,ou=***,dc=csueastbay,dc=edu",
                       "unityid" => "uid",
                       "firstname" => "givenname",
                       "lastname" => "sn",
                       "email" => "mail",
                       "defaultemail" => "@csueastbay.edu",
                       "masterlogin" => "uid=***,ou=***,dc=csueastbay,dc=edu",
                       "masterpwd" => "********",
                       "affiliationid" => 2,
                       "help" => "Use NetID authentication"),

Here is the error from ssl_error_log:

PHP Warning:  ldap_bind() [<a
href='function.ldap-bind'>function.ldap-bind</a>]: Unable to bind to server:
Can't contact LDAP server in /var/www/html/vcl/.ht-inc/authentication.php on
line 402, referer: https://vcl.csueastbay.edu/vcl/index.php

I am able to bind from our web server to our LDAP provider using the exact
same credentials, server, bindOU, etc using ldapsearch so it doesn't appear
to be the configuration or a firewall issue.

Does anyone have any suggestions for further trouble-shooting?

Thanks!

Jonathon Taylor
Cal State University, East Bay

Re: LDAP Authentication

Posted by James Patrick Sigmon <jp...@ncsu.edu>.
This happened to me before.  Here is how I understand it.  It will work for a while, but later when it tries to update, it can't.  As it turns out, there are more fields that need to be added/uncommented in conf.php.

$affilValFunc = array(1 => create_function('', 'return 0;'),
                      /*2 => "validateLDAPUser",*/
);

$affilValFuncArgs = array(/*2 => 'EXAMPLE1 LDAP',*/
);

$addUserFunc = array(1 => create_function('', 'return 0;'),
                     /*2 => 'addLDAPUser',*/
);

$addUserFuncArgs = array(/*2 => 'EXAMPLE1 LDAP',*/
);

$updateUserFunc = array(1 => create_function('', 'return 0;'),
                        /*2 => 'updateLDAPUser',*/
);

$updateUserFuncArgs = array(/*2 => 'EXAMPLE1 LDAP',*/
);

Hope this helps,

Patrick Sigmon

NC State University
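
A consistency check for the conf.php arrays discussed in this thread, as an added example that is not part of either message and not VCL code. It assumes the auth array is named $authMechs and that each *Args entry must equal the key of the matching auth entry; the sample data and the missingLdapHooks() helper are constructed for illustration.

```php
<?php
// Added example (not VCL code): report LDAP affiliations whose hook
// entries in conf.php are still missing or commented out.

// Constructed sample mirroring the thread: affiliation 2 is LDAP-backed,
// but only affiliation 1 has hook entries.
$authMechs = array(   // assumed name of the array the post calls authMecs
    "Local Account" => array("type" => "local", "affiliationid" => 1),
    "CSUEB NetID"   => array("type" => "ldap",  "affiliationid" => 2),
);
$noop = function () { return 0; };
$funcs = array(
    'affilValFunc'   => array(1 => $noop),
    'addUserFunc'    => array(1 => $noop),
    'updateUserFunc' => array(1 => $noop),
);
$args = array(
    'affilValFuncArgs'   => array(),
    'addUserFuncArgs'    => array(),
    'updateUserFuncArgs' => array(),
);

function missingLdapHooks(array $authMechs, array $funcs, array $args)
{
    $problems = array();
    foreach ($authMechs as $name => $mech) {
        if ($mech['type'] !== 'ldap') {
            continue;
        }
        $id = $mech['affiliationid'];
        foreach ($funcs as $label => $table) {
            if (!isset($table[$id])) {
                $problems[] = sprintf('$%s has no entry %d (%s)', $label, $id, $name);
            }
        }
        foreach ($args as $label => $table) {
            // Assumption: the argument is the key of the matching auth entry.
            if (!isset($table[$id]) || $table[$id] !== $name) {
                $problems[] = sprintf('$%s[%d] should be "%s"', $label, $id, $name);
            }
        }
    }
    return $problems;
}

foreach (missingLdapHooks($authMechs, $funcs, $args) as $line) {
    echo $line, "\n";
}
```

With the sample data it prints six lines, one for each array that lacks an entry for affiliation 2.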