Expedition LDAP Error

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Expedition LDAP Error

L1 Bithead

I'm trying to configure an Expedition deployment on a supported Ubuntu 20.04 VM, but consistently get a "Can't contact LDAP server" error. I have php-ldap installed and enabled (php -m). I can also bind the ldap server from the VM cli using ldapsearch, but the Expedition application can't connect. There are not any error messages printed in the apache logs or in the logs table in the pandbRBAC database. I have not been able to find any documentation so far that has helped to get this resolved. I'm not sure where to go from here.

1 accepted solution

Accepted Solutions

L1 Bithead

I solved this and wanted to add my solution for posterity. The server had been configured with an SSL certificate signed by our local CA, but the CA root and intermediate certificates had not been installed on the host. Installing the certificates fixed the issue. Additional tips: the Apache log level can be increased to sow more log messages and validate ldap in addition to ldaps.

View solution in original post

5 REPLIES 5

L6 Presenter

 

Can you please verify you have are running php 7.0 , also has php7.0-ldap installed, if not, you need to install the correct package version by:

1. login to expedition server CLI as expedition user.

2. Update package indexes with the command: sudo apt update

3. Install the correct php-ldap version: sudo apt install php7.0-ldap

4. Restart expedition web server: sudo apache2ctl restart

L1 Bithead

I updated php7.0-common and all the installed php7.0 extensions ( php7.0-bcmath php7.0-bz2 php7.0-cli php7.0-common php7.0-curl php7.0-gd php7.0-json php7.0-ldap php7.0-mbstring php7.0-mcrypt php7.0-mysql php7.0-opcache php7.0-readline php7.0-soap php7.0-xml php7.0-zip). I'm now on the latest php7.0-common and php7.0-ldap. No change to ldap auth or error message.

Can you do $php -version 

 

you should see only 7.0 

L1 Bithead

That's correct. v7.0.33-58

L1 Bithead

I solved this and wanted to add my solution for posterity. The server had been configured with an SSL certificate signed by our local CA, but the CA root and intermediate certificates had not been installed on the host. Installing the certificates fixed the issue. Additional tips: the Apache log level can be increased to sow more log messages and validate ldap in addition to ldaps.

  • 1 accepted solution
  • 3487 Views
  • 5 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!