FUDforum
Fast Uncompromising Discussions. FUDforum will get your users talking.

Home » General » PHP discussions » Problems getting LDAPS to work
Show: Today's Messages :: Unread Messages :: Show Polls :: Message Navigator
| Subscribe to topic | Bookmark topic 
Return to the default flat view Create a new topic Submit Reply
Problems getting LDAPS to work [message #166947] Fri, 06 April 2012 10:38 Go to previous message
Multitool is currently offline  Multitool
Messages: 47
Registered: February 2012
Karma:
Member
add to buddy list
ignore all messages by this user
For some reason, I can't seem to get LDAPS to work from within the FUDforum LDAP plugin. Normal LDAP works fine, but for some reason I always get a connection error when trying to use LDAPS.

If I create a stand-alone PHP script that is essentially exactly the same as the LDAP plugin code and run this separately, it always works. But running essentially the same code from within FUDforum does not work, and I can't understand why.

My stand-alone test script looks like this:

<?php
$ldapurl 
'ldaps://ldap.example.com/';
$ldapproxydn '<proxy-dn>';
$ldapproxypassword '<proxy-password>';
        
$connection ldap_connect($ldapurl);
        if (!
$connection) {
                echo 
'Unable to connect to an LDAP server. (Debug 1)';
                return 
0;
        }
        @
ldap_set_option($connectionLDAP_OPT_PROTOCOL_VERSION3);
        @
ldap_set_option($connectionLDAP_OPT_REFERRALS0);
        
// Connection made -- bind
                
$bind = @ldap_bind($connection$ldapproxydn$ldapproxypassword);
        if (!
$bind) {
                echo 
'Bind to LDAP failed:'ldap_error($connection), ' (Debug 3)';
                return 
0;
        } else {
                echo 
'Success!';
        }
        
ldap_close($connection);
?>


This ALWAYS works and binds successfully, regardless of whether I use LDAP or LDAPS. I even tried running the script as the 'apache' user, and it still worked perfectly. Shocked

However, the identical code when called within FUDforum does not work if LDAPS is used - it only works if I change the url to use normal LDAP.

I can see from tcpdump that FUDforum is communicating with the LDAPS server on port 636, but obviously I can't see inside any of the packets as they're encrypted Laughing

Any ideas why this would work outside of FUDforum, but not when called from within FUDforum?
[Message index]
 
Read Message
Read Message
Read Message
Previous Topic: Google Analytics
Next Topic: PHP object scope
Goto Forum:
  

-=] Back to Top [=-
[ Syndicate this forum (XML) ] [ RSS ]

Current Time: Thu Oct 19 07:08:00 EDT 2017

Total time taken to generate the page: 0.00678 seconds