Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Open Directory, LDAP, and PHP/Joomla

Posted on 2013-01-29
7
Medium Priority
?
801 Views
Last Modified: 2013-11-19
I am attempting to setup our Joomla Intranet to connect to our Open Directory server (Mac Server 10.6.8) for authentication using LDAP.

I have opened the LDAP port and assigned it a static outside IP. I can connect to the Open Directory using this IP address from outside the network using the Directory Utility in Mac OS.

I cannot seem to find the proper information to get our webserver (external/CENTOS) to connect to the it. LDAP support is installed on the webserver.

What Base DN and Web DN should I use? Do I need a connect user and password? Do I use Search or not? I know I use LDAP V3. I tried the Base DN listed in the Server Manager, but that doesn't work. Using a PHP LDAP Debug tool, it just says it cannot connect to the server.

Any suggestions? Is there something else I have to set up?

Thanks!!
0
Comment
Question by:gpubit
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
7 Comments
 
LVL 37

Expert Comment

by:ArneLovius
ID: 38833752
First of all

If you are connecting to OD over the internet, you want to secure the traffic over SSL with LDAPS on port 636 rather than just LDAP on port 389. With LDAP on port 389 the usernames and passwords re sent in plaintext...

You would usually configure an LDAP server to not allow anonymous binds, therefore you will need to specify the user to make the initial bind with in the form CN= etc etc

I would suggest that you used an LDAP browser on your local machine to confirm the correct user DN and Base DN before testing it on your Joomla site.
0
 

Author Comment

by:gpubit
ID: 38839557
I would like to get this working as the settings are, before changing how the LDAP server is set up. I would like to try to get it to work on LDAP 389.

Do you have any suggestions specifically relating to PHP LDAP access and Open Directory on a Mac Server?
0
 

Author Comment

by:gpubit
ID: 38839593
I am able to connect fine using an LDAP browser. Here is what happens when I try to connect via PHP though:

Screenshot
0
Plesk WordPress Toolkit

Plesk's WordPress Toolkit allows server administrators, resellers and customers to manage their WordPress instances, enabling a variety of development workflows for WordPress admins of all skill levels, from beginners to pros.

See why 2/3 of Plesk servers use it.

 
LVL 37

Expert Comment

by:ArneLovius
ID: 38840131
you do not appear to have anything set for the "Connect user", this should be the full DN of the user.

is there a firewall configured on the Mac server ?
0
 

Author Comment

by:gpubit
ID: 38840221
The connect user is for LDAP authentication to access it. I am able to connect using the LDAP browser without any authentication, so I shouldn't need to use a Connect User. Also, since I am able to connect using the LDAP browser, there should be no firewall issues.

For what it's worth, I did try putting in a username and password, to no avail.
0
 
LVL 37

Accepted Solution

by:
ArneLovius earned 1000 total points
ID: 38840263
You are running an LDAP server with anonymous connections enabled directly accessible from the Internet ?

Nothing personal, but if I discovered an IT manager doing that they would be fired for gross incompetence.

If you can connect using the Mac directory utility from outside, but the PHP application cannot, I would suggest trying to telnet to the port from the server running the application and see if it blocked elsewhere.
0
 

Author Closing Comment

by:gpubit
ID: 38840620
The port was being blocked from the Web Server. Port opened, works fine.
0

Featured Post

Will your db performance match your db growth?

In Percona’s white paper “Performance at Scale: Keeping Your Database on Its Toes,” we take a high-level approach to what you need to think about when planning for database scalability.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Color can increase conversions, create feelings of warmth or even incite people to get behind a cause. If you want your website to really impact site visitors, then it is vital to consider the impact color has on them.
Ready to get certified? Check out some courses that help you prepare for third-party exams.
The viewer will learn how to dynamically set the form action using jQuery.
The viewer will learn how to look for a specific file type in a local or remote server directory using PHP.

721 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question