Topic: LDAP connection not working (own php script does!)

Apollo13

« on: February 03, 2019, 01:37:32 am »
Hi guys,

I am trying to set up a working LDAP auth server connection, but the only response I get when I click "Select" to show the Authentication containers is a blank popup - and in my logs I can see "opnsense: LDAP bind error (Can't contact LDAP server)". I am using StartTLS and I suppose there must be an error in my config, but I cannot figure out what to change.

My server has a certificate with its FQDN set as CN and the (self-signed) root and intermediate CAs are added (as separate entries) to the list of CAs shown via "System" -> "Trust" -> "Authorities".

If I try the following script (I put it in the same directory as all the other php files, i.e. /usr/local/www) using the values from the LDAP config page, I get a list of all attributes for "my.user":

Code:
<?php
   // Values taken from the LDAP config page
   $ldap = "ldap-srv.mydomain.com";
   $usr  = "uid=srv-acc,ou=serviceaccounts,dc=sub,dc=mydomain,dc=com";
   $pwd  = "secret";

   $ds = ldap_connect($ldap);

   $ldapbind = false;
   // Only the bind is guarded by the nested ifs (LDAPv3, no referrals, StartTLS)
   if (ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3))
      if (ldap_set_option($ds, LDAP_OPT_REFERRALS, 0))
         if (ldap_start_tls($ds))
            $ldapbind = @ldap_bind($ds, $usr, $pwd);

   // The search and dump below run whether or not the bind succeeded
   $ldapse = ldap_search($ds, "dc=sub,dc=mydomain,dc=com", "uid=my.user");
   var_dump(ldap_get_entries($ds, $ldapse));

   ldap_close($ds);
?>

The same username and password work if I use them inside an LDAP auth stanza in my Apache2 config.

I also tried setting "TLS_REQCERT never" in /usr/local/etc/openldap/ldap.conf but that doesn't change anything.

Can anybody tell me what I am doing wrong?