9526 Posts in 1941 Topics by 1529 members
| Go to End | Next > | |
| Author | Topic: | 1854 Views |
-
external authentication and 2008 AD
1 October 2009 at 6:32am
Hello,
I think I am missing something with external authentication module and our 2008 AD interaction. It will either give no results or a 500 internal error. I have the ldap module installed in php so I am not sure where I should work.
external authentication .3
server 2008
IIS 7
PHP 5.2Any help would be greatly appreciated.
Thanks,
-
Re: external authentication and 2008 AD
12 October 2009 at 8:47pm
Anything in the IIS server log? (sorry don't really know about IIS, only Apache)
A black page usually means an error somewhere.
-
Re: external authentication and 2008 AD
13 October 2009 at 6:23am
Nope nothing there. Just gives the unknown error 500 totally confusing. I am thinking there might be something in php causing it. Could you send me a list of php modules that are required for this silverstripe module to work? I guess I'll start there and proceed.
Thanks,
Spencer
-
Re: external authentication and 2008 AD
13 October 2009 at 6:07pm
You could try the latest version from trunk. It has debug logging features.
If you use AD, the only php module you need is php_ldap. But on Windows I imagine something more is needed (like openldap libs)
-
Re: external authentication and 2008 AD
31 October 2009 at 5:36am
Ok finally got PHP to behave hare to use the add and remove programs in windows to enable modules. Stupid.
Anyways I got so far that it is acctually producing a log. So here it is. I am not sure why it would not bind. What should I try next.
Fri, 30 Oct 09 10:29:08 -0600 - Starting process for user webtest
Fri, 30 Oct 09 10:29:08 -0600 - webtest - User with source localldap found in database
Fri, 30 Oct 09 10:29:08 -0600 - webtest - Password locking is disabled
Fri, 30 Oct 09 10:29:08 -0600 - webtest - loading driver LDAP
Fri, 30 Oct 09 10:29:08 -0600 - webtest - executing authentication driver
Fri, 30 Oct 09 10:29:08 -0600 - webtest.ldap - Connecting to ldap://"This did display the correct server" port 389 LDAP version 3
Fri, 30 Oct 09 10:29:08 -0600 - webtest.ldap - If process stops here, check PHP LDAP module
Fri, 30 Oct 09 10:29:08 -0600 - webtest.ldap - Connect succeeded
Fri, 30 Oct 09 10:29:08 -0600 - webtest.ldap - LDAP set to protocol version 3
Fri, 30 Oct 09 10:29:08 -0600 - webtest.ldap - TLS not set
Fri, 30 Oct 09 10:29:08 -0600 - webtest.ldap - Bind failed 81:Can't contact LDAP server
Fri, 30 Oct 09 10:29:08 -0600 - webtest - authentication driver LDAP failed
Fri, 30 Oct 09 10:29:08 -0600 - Process for user webtest endedThanks for all your help.
-
Re: external authentication and 2008 AD
31 October 2009 at 6:56am
Did you use DNS name (FQDN?) or IP? I've run into instances where PHP wouldn't correctly resolve my server name. As soon as I used the IP address the problems went away. Can you actually verify (e.g. using some LDAP tool) that you can bind from the server you are using?
-
Re: external authentication and 2008 AD
31 October 2009 at 8:00am
Ok I tried both. I tried 636 with ssl and 389 both as the ports and settings. Another note when I try and enable the user to look up with out anonymous I get a 500 internal server error. I will verify the connect from the server I am on but it is in the same domain so I would assume so.
-
Re: external authentication and 2008 AD
31 October 2009 at 8:09pm
In this case the server being in the same domain makes no difference at all. PHP reports unable to bind, so the problem is in the php ldap module, or in de ldap (AD) itself. Use http://jxplorer.org to check your directory connectivity.
| 1854 Views | ||
| Go to Top | Next > |
