phpLDAPadmin Configuration

Discussion in 'Web and Network Services' started by rtwingfield, Jul 18, 2011.

  1. rtwingfield

    rtwingfield New Member

    I'm attempting to configure phpLDAPadmin and when I ask for this URL, http://archaxis.net/phpldapadmin/index.php, the following error is displayed in the browser:
    Code:
    Function error called incorrectly [ERROR: Setting a key [Archaxis] that isnt predefined.]
    

    If the pointer in the /www/phpLDAPadmin/config/config.php file
    Code:
    $servers->setValue('Archaxis','net','OpenLDAP Server');

    . . .is changed to
    Code:
    $servers->setValue('Xrchaxis','net','OpenLDAP Server');

    . . .then
    Code:
    Function error called incorrectly [ERROR: Setting a key [Xrchaxis] that isnt predefined.]
    will be displayed.

    Can someone tell me what this means and/or what to do to correct the problem?
    Where should the key be predefined?

    I've configured the following (per the suggestion) in the /www/phpLDAPadmin/config/config.php file:
    Code:
    /* If you are asked to put PLA in debug mode, this is how you do it: */
    $config->custom->debug['level'] = 255;
    $config->custom->debug['syslog'] = true;
    $config->custom->debug['file'] = '/var/log/pla_debug.log';
    #  $config->custom->debug['file'] = '/tmp/pla_debug.log';

    but the log file is not created, nor are there any entries in the http server error log.

    The following directives have been added to the httpd.conf file:
    Code:
             Alias /phpldapadmin/ "/usr/local/www/phpldapadmin/htdocs/"
        
             <Directory "/usr/local/www/phpldapadmin/htdocs">
                 Options none
                 AllowOverride none
                 Order Deny,Allow
                 Deny from all
                 Allow from 192.168.1 .archaxis.net
                 DirectoryIndex index.php
             </Directory>
     
  2. qsecofr

    qsecofr Member

    Is there anything logged in /var/log/httpd-error.log?
    In your config.php are there any syntax errors that include the string "Archaxis"?
     
  3. rtwingfield

    rtwingfield New Member

    Please see edited notes above in my first post.

    This from /var/log/httpd-error.log
    Code:
    [Mon Jul 18 16:35:42 2011] [notice] SIGHUP received.  Attempting to restart
    [Mon Jul 18 16:35:43 2011] [warn] (22)Invalid argument: Failed to enable the 'httpready' Accept Filter
    [Mon Jul 18 16:35:43 2011] [notice] Digest: generating secret for digest authentication ...
    [Mon Jul 18 16:35:43 2011] [notice] Digest: done
    [Mon Jul 18 16:35:44 2011] [notice] Apache/2.2.11 (FreeBSD) mod_ssl/2.2.11 OpenSSL/0.9.8e DAV/2 PHP/5.2.17 with Suhosin-Patch configured -- resuming normal operations

    . . .and are associated with a restart of Apache.


    This from /www/phpldapadmin/config/config.php
    Code:
    $servers = new Datastore();
    $servers->newServer('ldap_pla');
    $servers->setValue('Archaxis','net','OpenLDAP Server');
    
    /* Examples:
       'ldap.example.com',
       'ldaps://ldap.example.com/',
       'ldapi://%2fusr%local%2fvar%2frun%2fldapi'
               (Unix socket at /usr/local/var/run/ldap) */
    // $servers->setValue('server','host','127.0.0.1');
    
    // $servers->setValue('server','port',389);

    The previous snippet of code contains the only spelling of "Archaxis".
    I have to confess that the Examples (from /www/phpldapadmin/config/config.php.example) are somewhat confusing.

    Should I enable the $servers->setValue('server','port',389); pointer? If so, then should the "server" argument be set to something like "archaxis.net"? (tried but didn't work.)

    This from the archaxis_access_log . . .status code 200 indicates a successful GET
    Code:
    192.168.1.1 - - [18/Jul/2011:18:21:12 -0500] "GET /phpldapadmin/index.php HTTP/1.1" 200 89
    . . .so the problem must be in the phpLDAPadmin configuration . . .but where?

    Apparently, this pointer/directive
    Code:
    $servers->setValue('Archaxis','net','OpenLDAP Server');
    
    in the /www/phpLDAPadmin/config/config.php is not "happy". What should take the place of "Archaxis"?
     
  4. qsecofr

    qsecofr Member

    Snippets from my config.php
    Code:
    $servers = new Datastore();
    $servers->newServer('ldap_pla');
    $servers->setValue('server','host','ldap://the_hostname.my_own_domain.net');
    $servers->setValue('server','base',array('dc=my_own_domain,dc=net'));
    $servers->setValue('login','auth_type','session');
    $servers->setValue('login','bind_id','');
    


    I have my own registered domain. The base DN is mocked here as my_own_domain.net. The host URI is the fully qualified hostname.

    HTH
     
  5. rtwingfield

    rtwingfield New Member

    Hey, this is great! I cut-and-pasted your $servers->setValue args into my config.php file (correcting for my domain, of course) and voila!, the application started. (Actually, it complained about permissions regarding my designation of /var/log/pla_debug.log . . .previously, I actually tried manually creating and assigning ownership, permissions, etc. just to see what would happen. Maybe later, I'll just delete the file and re-enable the debug directives and see what happens.)

    Interesting, now we move on to this message:
    Code:
    You found a non-fatal phpLDAPadmin bug!
    Error:	date_default_timezone_set() [function.date-default-timezone-set]: Timezone ID ':America/Chicago' is invalid (E_NOTICE)
    File:	common.php line 204, caller index.php


    s/b 'America/Chicago' . . .without the colon (. . .a typo, probably an artifact created when updating with the vi editor), as per:
    Code:
    $config->custom->appearance['timezone'] = 'America/Chicago';
    


    Thanks for the suggestions!
     
  6. rtwingfield

    rtwingfield New Member

    phpLDAPadmin Login Authentication Problem

    Login to phpLDAPadmin is failing to authenticate the Username or Password.

    This is displayed:
    Code:
    error	Unable to connect to LDAP server
    Error: Invalid credentials (49) for user
    error	Failed to Authenticate to server
    Invalid Username or Password.



    The login prompt for Login DN is cn=admin,dc=archaxis,dc=net and the password used corresponds to the SSHA value in the following configurations.

    this in /usr/local/www/phpldapadmin/config/config.php
    Code:
    $servers->setValue('login','bind_pass','{SSHA}56dR************************krmX');
    
    $servers->setValue('login','allowed_dns',array('cn=admin,dc=archaxis,dc=net'));


    and this in /usr/local/etc/openldap/slapd.conf
    Code:
    suffix          "dc=archaxis,dc=net"
    changed
    rootdn          "cn=admin,o=sfs"
    to
    rootdn          "cn=admin,dc=archaxis,dc=net"
    rootpw          {SSHA}56dR************************krmX


    (I must confess that I don't understand this.)
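
How a directory server checks a password against a stored {SSHA} value, as an added example that is not part of the original posts: a simple bind carries the cleartext password, which the server hashes with the salt embedded in the stored value, so the {SSHA} string itself does not verify as a password. The function names and sample password are constructed for this illustration, and the layout assumed is the common base64(SHA-1(password + salt) + salt).

```python
import base64
import hashlib
import hmac
import os

SCHEME = "{SSHA}"

def ssha_hash(password, salt=None):
    """Build an {SSHA} value: base64(SHA1(password + salt) + salt)."""
    salt = os.urandom(4) if salt is None else salt
    digest = hashlib.sha1(password.encode("utf-8") + salt).digest()
    return SCHEME + base64.b64encode(digest + salt).decode("ascii")

def ssha_verify(stored, candidate):
    """Check a cleartext candidate the way a server checks a simple bind."""
    if not stored.startswith(SCHEME):
        raise ValueError("not an {SSHA} value")
    raw = base64.b64decode(stored[len(SCHEME):], validate=True)
    if len(raw) <= 20:
        raise ValueError("no salt after the 20-byte SHA-1 digest")
    digest, salt = raw[:20], raw[20:]
    recomputed = hashlib.sha1(candidate.encode("utf-8") + salt).digest()
    return hmac.compare_digest(digest, recomputed)   # constant-time compare

# Constructed sample values (not taken from the thread).
SAMPLE_PASSWORD = "correct horse battery"
SAMPLE_ROOTPW = ssha_hash(SAMPLE_PASSWORD, salt=b"\x01\x02\x03\x04")

def demo():
    """Return which candidate strings the stored value accepts."""
    return {
        "cleartext password": ssha_verify(SAMPLE_ROOTPW, SAMPLE_PASSWORD),
        "the {SSHA} string itself": ssha_verify(SAMPLE_ROOTPW, SAMPLE_ROOTPW),
        "wrong password": ssha_verify(SAMPLE_ROOTPW, "Correct horse battery"),
    }

if __name__ == "__main__":
    for candidate, accepted in demo().items():
        print(f"{candidate}: {'accepted' if accepted else 'rejected'}")
```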
     
  7. rtwingfield

    rtwingfield New Member

    How to configure the LDAP server to reveal its root?

    RE: The following phpLDAPadmin diagnostic message:
    Code:
    Could not determine the root of your LDAP tree.
    It appears that the LDAP server has been configured to not reveal its root.
    Please specify it in config.php


    How or where is this specified in the /usr/local/www/phpldapadmin/config/config.php file? I have specified this directive:
    Code:
    /* Array of base DNs of your LDAP server. Leave this blank to have phpLDAPadmin
       auto-detect it for you. */
       $servers->setValue('server','base',array('dc=archaxis,dc=net'));
    


    . . .this indicates that there is a problem with PLA and the database.
    Code:
    			dc=archaxis,dc=net
    			This base cannot be created with PLA.


    Following a suggestion to create a new BASE database, I have created this tree.ldif file: (seems simple enough)
    Code:
    dn: dc=archaxis,dc=net,dc=ph
    o: Archaxis Network Services
    ou: LDAP Server
    objectclass: organization
    objectclass: top

    . . .but this command fails:
    # slapadd -l ./tree.ldif
    Code:
    slapadd: line 1: database #1 (dc=archaxis,dc=net) not configured to hold "dc=archaxis,dc=net,dc=ph";
    no database configured for that naming context
    _#################### 100.00% eta   none elapsed            none fast!
    Closing DB...


    I found this URL, http://www.zytrax.com/books/ldap/ch8/, that contains this LDIF example:

    Code:
    ## DEFINE DIT ROOT/BASE/SUFFIX ####
    ## uses RFC 2377 format
    ## replace example and com as necessary below
    ## or for experimentation leave as is
    
    ## dcObject is an AUXILLIARY objectclass and MUST
    ## have a STRUCTURAL objectclass (organization in this case)
    # this is an ENTRY sequence and is preceded by a BLANK line
    
    dn: dc=example,dc=com
    dc: example
    description: My wonderful company as much text as you want to place 
     in this line up to 32K continuation data for the line above must 
     have <CR> or <CR><LF> i.e. ENTER works 
     on both Windows and *nix system - new line MUST begin with ONE SPACE
    objectClass: dcObject
    objectClass: organization
    o: Example, Inc.
    
    ## FIRST Level hierarchy - people 
    ## uses mixed upper and lower case for objectclass
    # this is an ENTRY sequence and is preceded by a BLANK line
    
    dn: ou=people, dc=example,dc=com
    ou: people
    description: All people in organisation
    objectclass: organizationalunit
    
    ## SECOND Level hierarchy
    ## ADD a single entry under FIRST (people) level
    # this is an ENTRY sequence and is preceded by a BLANK line
    # the ou: Human Resources is the department name
    
    dn: cn=Robert Smith,ou=people,dc=example,dc=com
    objectclass: inetOrgPerson
    cn: Robert Smith
    cn: Robert J Smith
    cn: bob  smith
    sn: smith
    uid: rjsmith
    userpassword: rJsmitH
    carlicense: HISCAR 123
    homephone: 555-111-2222
    mail: r.smith@example.com
    mail: rsmith@example.com
    mail: bob.smith@example.com
    description: swell guy
    ou: Human Resources


    Executing the following command worked! phpLDAPadmin does display a BASE tree and I think I can substitute, cut and paste from here.
    # slapadd -l ./tree.ldif
    Code:
    _#################### 100.00% eta   none elapsed            none fast!
    Closing DB...


    Apparently my first attempt at authoring an LDIF schema was a failure because I did not include any sub nodes or tree branches . . .in other words, I've still got a lot to learn.

    I've ordered a copy of Gerald Carter's book, LDAP Systems Administration . . .at least it will add some more weight to my bookshelf.
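
The slapadd message quoted above rejects an entry whose DN does not end in the database suffix. The following added example (not from the thread; function names and sample entries are constructed) checks an LDIF file against a suffix before import and, going slightly beyond the thread, also flags userPassword values stored without a {SCHEME} hash prefix, as in the tutorial LDIF quoted in the post.

```python
import base64
import re

def parse_ldif(text):
    """Return entries as lists of (attribute, value) pairs, after RFC 2849 unfolding."""
    unfolded = re.sub(r"\n ", "", text.replace("\r\n", "\n"))
    entries = []
    for block in re.split(r"\n\s*\n", unfolded):
        pairs = []
        for line in block.splitlines():
            if not line.strip() or line.startswith("#"):
                continue
            attr, _, value = line.partition(":")
            if value.startswith(":"):         # "attr:: <base64 value>"
                value = base64.b64decode(value[1:].strip()).decode("utf-8", "replace")
            pairs.append((attr.strip().lower(), value.strip()))
        if pairs:
            entries.append(pairs)
    return entries

def norm_dn(dn):
    """Lower-case and trim each RDN (simplification: escaped commas not handled)."""
    return ",".join(part.strip().lower() for part in dn.split(","))

def preflight(ldif_text, suffix):
    """List (dn, problem) pairs: DNs outside the suffix, unhashed userPassword."""
    findings, suffix = [], norm_dn(suffix)
    for entry in parse_ldif(ldif_text):
        dn = next((v for a, v in entry if a == "dn"), None)
        if dn is None:
            continue                          # e.g. a "version: 1" header
        ndn = norm_dn(dn)
        if ndn != suffix and not ndn.endswith("," + suffix):
            findings.append((dn, "outside suffix " + suffix))
        for attr, value in entry:
            if attr == "userpassword" and not re.match(r"\{[A-Za-z0-9-]+\}", value):
                findings.append((dn, "cleartext userPassword"))
    return findings

# Constructed sample: hypothetical entries modelled on the thread's naming.
SAMPLE_LDIF = """dn: dc=archaxis,dc=net,dc=ph
objectclass: organization

dn: cn=Test User,ou=people, dc=archaxis,dc=net
objectclass: inetOrgPerson
userpassword: changeme
"""
SAMPLE_FINDINGS = preflight(SAMPLE_LDIF, "dc=archaxis,dc=net")
```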