• Resolved Steve Cliff

    (@stevecliff)


    Hi,

    I’m trying to figure out why I can’t get authentication working against our LDAP with this plugin and have ticked the “Debug AuthLDAP” option but don’t know where to find any debug logs it produces.

    Could you give me some guidance please on what the option actually does and where I need to look?

    Many thanks!
    Steve.

Viewing 7 replies - 1 through 7 (of 7 total)
  • Plugin Author heiglandreas

    (@heiglandreas)

    The Debug-Info is put into the “default” PHP-Logfile. Usually that is the same log as the server-log. So when you are running on Apache’s httpd on a Unix system, I’d have a look at /var/log/apache2/ and see whether there’s an error-log file.

    Thread Starter Steve Cliff

    (@stevecliff)

    Thanks for the quick response!

    I’ve found “LDAP authentication failed with exception: bind was not successfull: Can’t contact LDAP server”. Digging into it now but it’s odd as I’m currently browsing the LDAP using the same credentials I’ve entered.

    NB. I’m not suggesting this is a bug in your plugin btw – 99.9% it will be my bad understanding of LDAP. Will keep looking …

    Thanks,
    Steve.

    Plugin Author heiglandreas

    (@heiglandreas)

    Hey Steve.

    Can you perhaps provide me the LDAP-URI? And are you browsing the LDAP from the same machine as the webserver?

    Thread Starter Steve Cliff

    (@stevecliff)

    The format of URI I am using is:

    ldaps://aoLdapKey=xxUK02919,ou=people,dc=xxx,dc=com:mypassword@ldap.xxx.net/ou=people,dc=xxx,dc=com

    Results in:
    “[Tue Dec 26 12:11:10.700096 2017] [php7:notice] [pid 1520:tid 1348] [client ::1:58787] [AuthLDAP] LDAP authentication failed with exception: bind was not successfull: Can’t contact LDAP server, referer: https://localhost/wp-login.php

    The utility I’m using is Windows based but this works:
    https://myhub.devcloud.guru/index.php/s/oNnh1nDbtWk7Huj

    It’s not an exact test though I think as although the web site is running on my Windows machine, it’s using Uwamp?

    • This reply was modified 7 years, 3 months ago by Steve Cliff.
    Thread Starter Steve Cliff

    (@stevecliff)

    Yeah, it’s definitely not your plugin.

    I’ve run the following and this won’t connect either …

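    <?php

    // LDAP server address
    $server = "ldaps://ldap.xxx.net:636";
    // domain user to connect to LDAP
    $user = "xxUK02919";
    // user password
    $psw = "xxx";
    // Base DN where the search will be performed. OU - organizational unit / DC - domain component
    $dn = "ou=people,dc=xxx,dc=com";
    // Search query. CN - common name (CN=* will return all objects)
    $search = "CN=*";
    // ------------------------------------------------------------------------

    // Turns off server certificate verification in libldap; only for a throwaway connectivity test
    putenv('LDAPTLS_REQCERT=never');

    echo "<h2>php LDAP query test</h2>";
    // connecting to LDAP server (with a URI this only prepares the handle; the network connection happens on bind)
    $ds = ldap_connect($server);
    if ($ds === false) {
        exit("ldap_connect could not parse " . htmlspecialchars($server));
    }
    ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
    echo "ldap_connect triggered against ", htmlspecialchars($server);

    $r = @ldap_bind($ds, $user, $psw);
    // report the bind attempt without echoing the password into the page
    echo "ldap_bind triggered against user=", htmlspecialchars($user);
    if (!$r) {
        exit("ldap_bind failed: " . htmlspecialchars(ldap_error($ds)));
    }

    // performing search
    $sr = ldap_search($ds, $dn, $search);
    if ($sr === false) {
        exit("ldap_search failed: " . htmlspecialchars(ldap_error($ds)));
    }
    $data = ldap_get_entries($ds, $sr);
    echo "Found " . $data["count"] . " entries";
    for ($i = 0; $i < $data["count"]; $i++) {
        // directory values are escaped before they are written into HTML
        echo "<h4><strong>Common Name: </strong>" . htmlspecialchars($data[$i]["cn"][0] ?? '') . "</h4><br />";
        echo "<strong>Distinguished Name: </strong>" . htmlspecialchars($data[$i]["dn"]) . "<br />";
        // checking if description exists
        if (isset($data[$i]["description"][0])) {
            echo "<strong>Description: </strong>" . htmlspecialchars($data[$i]["description"][0]) . "<br />";
        } else {
            echo "<strong>Description not set</strong><br />";
        }
        // checking if email exists
        if (isset($data[$i]["mail"][0])) {
            echo "<strong>Email: </strong>" . htmlspecialchars($data[$i]["mail"][0]) . "<br /><hr />";
        } else {
            echo "<strong>Email not set</strong><br /><hr />";
        }
    }
    // close connection
    ldap_close($ds);
    ?>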
    Plugin Author heiglandreas

    (@heiglandreas)

    ldaps is a pain especially with self-signed certificates. And combined with Windows it sadly only gets worse. I’m absolutely sorry but I’m not able to help you there due to missing access to Windows environments.

    Is there a possibility to use START_TLS? That might be easier…

    Thread Starter Steve Cliff

    (@stevecliff)

    Don’t worry – I appreciate your comments/help anyway – unfortunately I’m stuck with what I’ve got as I don’t control the LDAP service we have to use.

    Thanks again anyway.
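
An added diagnostic example (not code from the thread or from the plugin): libldap reports an unreachable port, a failed TLS handshake and a rejected certificate all as "Can't contact LDAP server", so this script checks TCP, TLS and the bind one after another. The host, bind DN and the `LDAP_TEST_PW` environment variable are placeholders assumed for illustration.

```php
<?php
// Added example: every value below is a placeholder, not taken from the thread.
$host     = 'ldap.example.test';
$port     = 636;
$bindDn   = 'uid=someone,ou=people,dc=example,dc=test';
$password = getenv('LDAP_TEST_PW') ?: '';  // hypothetical env var, keeps the secret out of source and output
if ($password === '') { exit("Set LDAP_TEST_PW first; an empty password would be an unauthenticated bind.\n"); }

// TLS handshake probe. $verify=false only classifies a failure; no credentials are sent over it.
function tlsProbe(string $host, int $port, bool $verify): array {
    $ctx = stream_context_create(['ssl' => [
        'verify_peer' => $verify, 'verify_peer_name' => $verify, 'capture_peer_cert' => true,
    ]]);
    $s = @stream_socket_client("ssl://$host:$port", $errno, $errstr, 5, STREAM_CLIENT_CONNECT, $ctx);
    if ($s === false) {
        return ['ok' => false, 'error' => error_get_last()['message'] ?? $errstr];
    }
    $cert = stream_context_get_params($s)['options']['ssl']['peer_certificate'] ?? null;
    fclose($s);
    $info = $cert ? openssl_x509_parse($cert) : [];
    $self = isset($info['subject'], $info['issuer']) && $info['subject'] == $info['issuer'];
    return ['ok' => true, 'subject' => $info['name'] ?? '?', 'selfSigned' => $self];
}

// Step 1: is the port reachable at all?
$tcp = @stream_socket_client("tcp://$host:$port", $errno, $errstr, 5);
if ($tcp === false) {
    exit("TCP connect failed: $errstr ($errno). Check DNS, firewall and port.\n");
}
fclose($tcp);

// Step 2: does the server certificate validate against PHP's OpenSSL trust store?
$strict = tlsProbe($host, $port, true);
if (!$strict['ok']) {
    $loose = tlsProbe($host, $port, false);
    exit($loose['ok']
        ? "Certificate rejected: {$loose['subject']}" . ($loose['selfSigned'] ? ' (self-signed)' : '')
          . ". Install the issuing CA instead of disabling verification.\n"
        : "TLS handshake failed even unverified: {$loose['error']}\n");
}

// Step 3: the real bind through libldap, with its own diagnostic text.
$ds = ldap_connect("ldaps://$host:$port");
ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
if (!@ldap_bind($ds, $bindDn, $password)) {
    ldap_get_option($ds, LDAP_OPT_DIAGNOSTIC_MESSAGE, $detail);
    exit('Bind failed: ' . ldap_error($ds) . " ($detail). Check libldap's CA settings or the bind DN.\n");
}
echo "Bind succeeded over verified TLS.\n";
```

PHP's stream functions and the LDAP extension read different trust settings, so a pass at step 2 followed by "Can't contact LDAP server" at step 3 points at libldap's CA configuration and not at the network.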

  • The topic ‘Debug?’ is closed to new replies.