phpLDAPadmin Configuration

Post by rtwingfield » 18 Jul 2011, 19:44

I'm attempting to configure phpLDAPadmin and when I ask for this URL, http://archaxis.net/phpldapadmin/index.php, the following error is displayed in the browser:
Code:
Function error called incorrectly [ERROR: Setting a key [Archaxis] that isnt predefined.]

If the pointer in the /www/phpLDAPadmin/config/config.php file
Code:
$servers->setValue('Archaxis','net','OpenLDAP Server');

. . .is changed to
Code:
$servers->setValue('Xrchaxis','net','OpenLDAP Server');

. . .then
Code:
Function error called incorrectly [ERROR: Setting a key [Xrchaxis] that isnt predefined.]
will be displayed.

Can someone tell me what this means and/or what to do to correct the problem?
Where should the key be predefined?

I've configured the following (per the suggestion) in the /www/phpLDAPadmin/config/config.php file:
Code:
/* If you are asked to put PLA in debug mode, this is how you do it: */
$config->custom->debug['level'] = 255;
$config->custom->debug['syslog'] = true;
$config->custom->debug['file'] = '/var/log/pla_debug.log';
#  $config->custom->debug['file'] = '/tmp/pla_debug.log';

but the log file is not created, nor are there any entries in the http server error log.

The following directives have been added to the httpd.conf file:
Code:
         Alias /phpldapadmin/ "/usr/local/www/phpldapadmin/htdocs/"
   
         <Directory "/usr/local/www/phpldapadmin/htdocs">
             Options none
             AllowOverride none
             Order Deny,Allow
             Deny from all
             Allow from 192.168.1 .archaxis.net
             DirectoryIndex index.php
         </Directory>
. . .just another message in a bottle,

OTTF, Ron W.

Post by qsecofr » 18 Jul 2011, 21:35

Is there anything logged in /var/log/httpd-error.log?
In your config.php are there any syntax errors that include the string "Archaxis"?

Post by rtwingfield » 18 Jul 2011, 22:18

Please see edited notes above in my first post.

This from /var/log/httpd-error.log
Code:
[Mon Jul 18 16:35:42 2011] [notice] SIGHUP received.  Attempting to restart
[Mon Jul 18 16:35:43 2011] [warn] (22)Invalid argument: Failed to enable the 'httpready' Accept Filter
[Mon Jul 18 16:35:43 2011] [notice] Digest: generating secret for digest authentication ...
[Mon Jul 18 16:35:43 2011] [notice] Digest: done
[Mon Jul 18 16:35:44 2011] [notice] Apache/2.2.11 (FreeBSD) mod_ssl/2.2.11 OpenSSL/0.9.8e DAV/2 PHP/5.2.17 with Suhosin-Patch configured -- resuming normal operations

. . .and are associated with a restart of Apache.


This from /www/phpldapadmin/config/config.php
Code:
$servers = new Datastore();
$servers->newServer('ldap_pla');
$servers->setValue('Archaxis','net','OpenLDAP Server');

/* Examples:
   'ldap.example.com',
   'ldaps://ldap.example.com/',
   'ldapi://%2fusr%local%2fvar%2frun%2fldapi'
           (Unix socket at /usr/local/var/run/ldap) */
// $servers->setValue('server','host','127.0.0.1');

// $servers->setValue('server','port',389);

The previous snippet of code contains the only spelling of "Archaxis".
I have to confess that the Examples (from /www/phpldapadmin/config/config.php.example) are somewhat confusing.

Should I enable the $servers->setValue('server','port',389); pointer? If so, then should the "server" argument be set to something like "archaxis.net"? (tried but didn't work.)

This from the archaxis_access_log . . .status code 200 indicates a successful GET
Code:
192.168.1.1 - - [18/Jul/2011:18:21:12 -0500] "GET /phpldapadmin/index.php HTTP/1.1" 200 89
. . .so the problem must be in the phpLDAPadmin configuration . . .but where?

Apparently, this pointer/directive
Code:
$servers->setValue('Archaxis','net','OpenLDAP Server');
in the /www/phpLDAPadmin/config/config.php is not "happy". What should take the place of "Archaxis"?
. . .just another message in a bottle,

OTTF, Ron W.

Post by qsecofr » 19 Jul 2011, 02:41

Snippets from my config.php
Code:
$servers = new Datastore();
$servers->newServer('ldap_pla');
$servers->setValue('server','host','ldap://the_hostname.my_own_domain.net');
$servers->setValue('server','base',array('dc=my_own_domain,dc=net'));
$servers->setValue('login','auth_type','session');
$servers->setValue('login','bind_id','');


I have my own registered domain. The base DN is mocked here as my_own_domain.net. The host URI is the fully qualified hostname.

HTH

Post by rtwingfield » 19 Jul 2011, 03:52

Hey, this is great! I cut-and-pasted your $servers->setValue args into my config.php file (correcting for my domain, of course) and voila!, the application started. (Actually, it complained about permissions regarding my designation of /var/log/pla_debug.log . . .previously, I actually tried manually creating and assigning ownership, permissions, etc. just to see what would happen. Maybe later, I'll just delete the file and re-enable the debug directives and see what happens.)

Interesting, now we move on to this message:
Code:
You found a non-fatal phpLDAPadmin bug!
Error:   date_default_timezone_set() [function.date-default-timezone-set]: Timezone ID ':America/Chicago' is invalid (E_NOTICE)
File:   common.php line 204, caller index.php


s/b 'America/Chicago' . . .without the colon (. . .a typo, probably an artifact created when updating with the vi editor), as per:
Code:
$config->custom->appearance['timezone'] = 'America/Chicago';


Thanks for the suggestions!
. . .just another message in a bottle,

OTTF, Ron W.

phpLDAPadmin Login Authentication Problem

Post by rtwingfield » 20 Jul 2011, 17:01

Login to phpLDAPadmin is failing to authenticate the Username or Password.

This is displayed:
Code:
error   Unable to connect to LDAP server
Error: Invalid credentials (49) for user
error   Failed to Authenticate to server
Invalid Username or Password.



The login prompt for Login DN is cn=admin,dc=archaxis,dc=net and the password used corresponds to the SSHA value in the following configurations.

this in /usr/local/www/phpldapadmin/config/config.php
Code:
$servers->setValue('login','bind_pass','{SSHA}56dR************************krmX');

$servers->setValue('login','allowed_dns',array('cn=admin,dc=archaxis,dc=net'));


and this in /usr/local/etc/openldap/slapd.conf
Code:
suffix          "dc=archaxis,dc=net"
changed
rootdn          "cn=admin,o=sfs"
to
rootdn          "cn=admin,dc=archaxis,dc=net"
rootpw          {SSHA}56dR************************krmX


(I must confess that I don't understand this.)
. . .just another message in a bottle,

OTTF, Ron W.
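
How a salted SHA-1 ({SSHA}) value of the kind stored in rootpw above is checked against the password presented at bind time, as an added example that is not part of the thread: the stored value is base64(SHA1(password + salt) + salt), so only the cleartext password verifies and the {SSHA} string itself does not. The function names, sample password and salt are constructed for illustration.

```python
import base64
import hashlib
import hmac
import os
from typing import Optional


def make_ssha(password: str, salt: Optional[bytes] = None) -> str:
    """Build an {SSHA} value: base64(SHA1(password + salt) + salt)."""
    salt = os.urandom(4) if salt is None else salt
    digest = hashlib.sha1(password.encode() + salt).digest()
    return "{SSHA}" + base64.b64encode(digest + salt).decode()


def check_ssha(stored: str, presented: str) -> bool:
    """Check a presented bind password against a stored {SSHA} value."""
    if not stored.upper().startswith("{SSHA}"):
        raise ValueError("not an {SSHA} value")
    raw = base64.b64decode(stored[6:])
    if len(raw) <= 20:
        raise ValueError("value carries no salt after the 20-byte digest")
    digest, salt = raw[:20], raw[20:]
    candidate = hashlib.sha1(presented.encode() + salt).digest()
    return hmac.compare_digest(digest, candidate)   # constant-time compare


# Constructed sample value (not the one from the post)
ROOTPW = make_ssha("correct horse", salt=b"\x01\x02\x03\x04")


def demo():
    """Verify three candidate bind passwords against ROOTPW."""
    return {
        "cleartext": check_ssha(ROOTPW, "correct horse"),
        "hash_string": check_ssha(ROOTPW, ROOTPW),   # sending the hash itself
        "wrong": check_ssha(ROOTPW, "guess"),
    }


if __name__ == "__main__":
    print(ROOTPW, demo())
```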

How to configure the LDAP server to reveal its root?

Post by rtwingfield » 20 Jul 2011, 17:56

RE: The following phpLDAPadmin diagnostic message:
Code:
Could not determine the root of your LDAP tree.
It appears that the LDAP server has been configured to not reveal its root.
Please specify it in config.php


How or where is this specified in the /usr/local/www/phpldapadmin/config/config.php file? I have specified this directive:
Code:
/* Array of base DNs of your LDAP server. Leave this blank to have phpLDAPadmin
   auto-detect it for you. */
   $servers->setValue('server','base',array('dc=archaxis,dc=net'));


. . .this indicates that there is a problem with PLA and the database.
Code:
         dc=archaxis,dc=net
         This base cannot be created with PLA.


Following a suggestion to create a new BASE database, I have created this tree.ldif file: (seems simple enough)
Code:
dn: dc=archaxis,dc=net,dc=ph
o: Archaxis Network Services
ou: LDAP Server
objectclass: organization
objectclass: top

. . .but this command fails:
# slapadd -l ./tree.ldif
Code:
slapadd: line 1: database #1 (dc=archaxis,dc=net) not configured to hold "dc=archaxis,dc=net,dc=ph";
no database configured for that naming context
_#################### 100.00% eta   none elapsed            none fast!
Closing DB...


I found this URL, http://www.zytrax.com/books/ldap/ch8/, that contains this LDIF example:

Code:
## DEFINE DIT ROOT/BASE/SUFFIX ####
## uses RFC 2377 format
## replace example and com as necessary below
## or for experimentation leave as is

## dcObject is an AUXILLIARY objectclass and MUST
## have a STRUCTURAL objectclass (organization in this case)
# this is an ENTRY sequence and is preceded by a BLANK line

dn: dc=example,dc=com
dc: example
description: My wonderful company as much text as you want to place
 in this line up to 32K continuation data for the line above must
 have <CR> or <CR><LF> i.e. ENTER works
 on both Windows and *nix system - new line MUST begin with ONE SPACE
objectClass: dcObject
objectClass: organization
o: Example, Inc.

## FIRST Level hierarchy - people
## uses mixed upper and lower case for objectclass
# this is an ENTRY sequence and is preceded by a BLANK line

dn: ou=people, dc=example,dc=com
ou: people
description: All people in organisation
objectclass: organizationalunit

## SECOND Level hierarchy
## ADD a single entry under FIRST (people) level
# this is an ENTRY sequence and is preceded by a BLANK line
# the ou: Human Resources is the department name

dn: cn=Robert Smith,ou=people,dc=example,dc=com
objectclass: inetOrgPerson
cn: Robert Smith
cn: Robert J Smith
cn: bob  smith
sn: smith
uid: rjsmith
userpassword: rJsmitH
carlicense: HISCAR 123
homephone: 555-111-2222
mail: r.smith@example.com
mail: rsmith@example.com
mail: bob.smith@example.com
description: swell guy
ou: Human Resources


Executing the following command worked! phpLDAPadmin does display a BASE tree and I think I can substitute, cut and paste from here.
# slapadd -l ./tree.ldif
Code:
_#################### 100.00% eta   none elapsed            none fast!
Closing DB...


Apparently my first attempt at authoring a LDIF schema was a failure because I did not include any sub nodes or tree branches . . .in other words, I've still got a lot to learn.

I've ordered a copy of Gerald Carter's book, LDAP Systems Administration . . .at least it will add some more weight to my bookshelf.
. . .just another message in a bottle,

OTTF, Ron W.
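
The slapadd message quoted in this post says database #1 (dc=archaxis,dc=net) is not configured to hold dc=archaxis,dc=net,dc=ph. A pre-flight check for that condition, as an added example that is not part of the thread or of OpenLDAP: it reads the entry DNs from an LDIF and tests each against the database suffix. The function names and the second sample are constructed here; escaped commas and base64 "dn::" values are not handled.

```python
SUFFIX = "dc=archaxis,dc=net"   # suffix from the slapd.conf shown in the thread
# tree.ldif as posted (the attempt slapadd rejected)
FIRST_TRY = """\
dn: dc=archaxis,dc=net,dc=ph
o: Archaxis Network Services
ou: LDAP Server
objectclass: organization
objectclass: top
"""
# Constructed sample: the quoted layout adapted to the suffix, with a folded line
SECOND_TRY = """\
dn: dc=archaxis,dc=net
dc: archaxis
description: folded value whose continuation
 dn: is text, not a new entry
objectClass: dcObject
objectClass: organization
o: Archaxis Network Services

dn: ou=people, dc=archaxis,dc=net
ou: people
objectClass: organizationalUnit
"""

def entry_dns(ldif):
    """Return each entry's dn, unfolding continuation lines and skipping comments."""
    lines, in_comment = [], False
    for raw in ldif.splitlines():
        if raw.startswith(" "):             # folded line: belongs to the previous one
            if lines and not in_comment:
                lines[-1] += raw[1:]
            continue
        in_comment = raw.startswith("#")
        if not in_comment:
            lines.append(raw)
    return [l.split(":", 1)[1].strip() for l in lines if l.lower().startswith("dn:")]

def normalize_dn(dn):
    """Trim and lower-case each RDN (assumes no escaped commas in values)."""
    return tuple("=".join(p.strip().lower() for p in rdn.split("=", 1))
                 for rdn in dn.split(","))

def under_suffix(dn, suffix):
    """True when the rightmost RDNs of dn equal the database suffix."""
    d, s = normalize_dn(dn), normalize_dn(suffix)
    return len(d) >= len(s) and d[len(d) - len(s):] == s

def check_ldif(ldif, suffix=SUFFIX):   # (dn, fits-in-database) per entry
    return [(dn, under_suffix(dn, suffix)) for dn in entry_dns(ldif)]
```

check_ldif(FIRST_TRY) flags the posted DN because its rightmost component is dc=ph, while both entries in SECOND_TRY end in the configured suffix.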

