Add possibilty to set LDAP Port with php7 in config-site.php
Issue #940
resolved
Server: CentOS 7 PHP: 7.2 Piler: 1.3.4
Would it be possible to change the file /var/piler/www/system/database/ldap.php line 11 to set here not only the ldap host, but also the ldap port with config-site.php?
Since php version 7 it is not longer allowed to set the url to: host:port, instead the port have to be set in the ldap_connect method separately like:
$this->link = ldap_connect($ldaphost,$port) or exit('Error: ldap_connect()');
Comments (17)
-
repo owner
-
reporter
Correct. We are using univention corporate server, which uses 7389 for ldap port, because the 389 port is used by the samba controller.
-
repo owner
OK, I'll take a look how php 7.x handles it. I'll also address your other two concerns soon.
-
reporter
Thank you. By the way, i got displaying the mails working, not sure, what was wrong.
Would it be possible to start the ui initially with some filled data in the table, instead of first clicking the search button?
-
repo owner
Just checked the documentation, and it says that the 2nd variable (ie. $port) is "not used when using LDAP URIs." Would you try setting the ldap_host parameter to something like "ldap://your.ldap.server:7389" and check if it worked?
-
reporter
That's the way i did it before and then i got an error, something like "PHP Warning: ldap_connect(): Could not create session handle: Bad parameter to an ldap routine in /var/piler/www/system/database/ldap.php on line 11,". Removing the port from the URI and adding to the second parameter fixs this error.
-
repo owner
Interesting. I have php 7.2, and tried it with slapd listening on port 1389, and got the following in the mail log using LOG_LEVEL = DEBUG:
ldap auth against 'ldap://slapd:1389', dn: 'cn=xxxxx,ou=users,dc=nodomain', result: 1
What do you have in your log?
-
reporter
Hi, i set the LogLevel debug at apache or which one do you want?
This message didn't appears at my server, because the thrown error at apache "ssl_error_log":
PHP Warning: ldap_connect(): Could not create session handle: Bad parameter to an ldap routine in /var/piler/www/system/database/ldap.php on line 11,"
is one of your first commands the ldap.php file, so my server can't connect to ldap and give me such a result.
-
repo owner
Set the following in config-site.php, and let's try it again:
$config['LOG_LEVEL'] = DEBUG; -
reporter
I set the Log-Level at your application and checked the logs with both configurations. With the failing one (port set over the URL) i got no log messages at maillog, but i got the php errors. Setting the port over ldap.php i got the same logs as you.
-
repo owner
Odd. OK, give me some time, and I'll create a fix for you.
-
reporter
thanks a lot! My suggestion for this ticket was a new more configurable solution for all, if it isn't to much expenditure for you, to build this new version.
I have a small question, not belonging to this ticket. Does your check for the Admin-DN belongs to the user object at ldap level or to the group object. Reason is, that the membership of a user is stored at a group with attribute "uniqueMember="uid=name,cn=users,dc=domain,dc=com" " or "memberUid=firstname.lastname" and it isnt stored at user-level with attribute "memberOf="cn=groupname,cn=groups,dc=domain,dc=com" "
-
repo owner
At the user object level. Btw. what LDAP server do you have?
-
reporter
It is an OpenLDAP server installed with the univention corporate server.
(https://docs.software-univention.de/manual-4.3.html#introduction:LDAP_directory_service
-
repo owner
Try the following fix: https://bitbucket.org/jsuto/piler/commits/4efe39b5f3c5a128c87c380ea18def80af8ce549
-
repo owner
You need this commit as well: https://bitbucket.org/jsuto/piler/commits/eae385616f813cb91876adb6bc05323b17dba6aa
-
repo owner
- changed status to resolved
- Log in to comment
Why do you need the port? Do you use a non-standard port?