Error with LDAP

zarrelli · 2013-04-05 10:49:45

Hi,

I just upgraded to .83.8 from .72.4.

After the upgrade I can fetch users no more. The "test" button gives an "OK" to the connection, but in the php-errors.log I find this:

2013-04-05 10:44
Warning(2): ldap_search(): Search: Operations error
Backtrace :
/var/www/glpi/inc/authldap.class.php:1169 ldap_search()
/var/www/glpi/scripts/ldap_mass_sync.php:154 AuthLDAP::getAllUsers()
/var/www/glpi/scripts/ldap_mass_sync.php:116 import()

It's a CentOS 5.5 and

PHP 5.1.6 (cli) (built: Jun 27 2012 12:21:16)
Copyright (c) 1997-2006 The PHP Group
Zend Engine v2.1.0, Copyright (c) 1998-2006 Zend Technologies

Any idea? Thanks

yllen · 2013-04-05 12:01:25

Look if your configuration LDAP is still present

zarrelli · 2013-04-05 12:10:57

Yes, it's still there:

mysql> select * from glpi_authldaps\G
*************************** 1. row ***************************
id: 1
name: xx
host: xxx.xxx.xxx.xxx
basedn: DC=onename,DC=one
rootdn: CN=LDAP Service,OU=users on charge,OU=user,DC=onename,DC=one
port: 389
condition: (&(objectClass=user)(objectCategory=person)(!(userAccountControl:1.2.840.113556.1.4.803:=2)))
login_field: samaccountname
use_tls: 0
group_field: memberof
group_condition: (&(objectClass=user)(objectCategory=person)(!(userAccountControl:1.2.840.113556.1.4.803:=2)))
group_search_type: 0
group_member_field:
email1_field: mail
realname_field: sn
firstname_field: givenname
phone_field: telephonenumber
phone2_field: othertelephone
mobile_field: mobile
comment_field: info
use_dn: 1
time_offset: 3600
deref_option: 0
title_field: title
category_field:
language_field: preferredlanguage
entity_field: NULL
entity_condition: NULL
date_mod: 2013-04-05 11:09:57
comment: NULL
is_default: 1
is_active: 1
rootdn_passwd:
registration_number_field: NULL
email2_field: NULL
email3_field: NULL
email4_field: NULL
1 row in set (0.00 sec)

mysql>

I edited the domain names and ips. What is strange is that the rootdn_password is empty, but I'm sure I filled it in directly in the db.

EDIT

Well I tried to fill in again but then the script for ldap import complains with bad credentials. I filled the password in from the web interface and it connects. Anyway it can't import anything.

Last edited by zarrelli (2013-04-05 12:17:47)

zarrelli · 2013-05-15 12:25:58

Is it normal that

rootdn_passwd:

is empty?

If it must be filled in with the password of a user capable to read the root dn of the LDAP directory, how do i put the value directly in the database field?

zarrelli · 2013-05-15 13:15:02

Well, in debug mode, when I try to search for users I receive this error message:

PHP Warning: ldap_search() [function.ldap-search]: Search: Operations error in /var/www/glpi/inc/authldap.class.php at line 1169

And for import I get this in the log file:

2013-05-15 13:10
Warning(2): ldap_search(): Search: Operations error
Backtrace :
/var/www/glpi/inc/authldap.class.php:1169 ldap_search()
/var/www/glpi/scripts/ldap_mass_sync.php:154 AuthLDAP::getAllUsers()
/var/www/glpi/scripts/ldap_mass_sync.php:116 import()

Last edited by zarrelli (2013-05-15 13:16:21)

@meurou · 2013-05-15 16:01:32

Why not using the web interface ? did you still have an access ?

zarrelli · 2013-05-15 16:55:41

I'm using the web interface. I can login with my local admin user. I was perusing through log files to undestand what's happening.

zarrelli · 2013-05-16 12:26:07

Solved

Someone changed the rights of the user "used" to fetch the data from AD.

Forum GLPI-Project

Announcement

#1 2013-04-05 10:49:45

Error with LDAP

#2 2013-04-05 12:01:25

Re: Error with LDAP

#3 2013-04-05 12:10:57

Re: Error with LDAP

#4 2013-05-15 12:25:58

Re: Error with LDAP

#5 2013-05-15 13:15:02

Re: Error with LDAP

#6 2013-05-15 16:01:32

Re: Error with LDAP

#7 2013-05-15 16:55:41

Re: Error with LDAP

#8 2013-05-16 12:26:07

Re: Error with LDAP

Board footer