[horde] Stumped on LDAP Auth

Jan Schneider jan at horde.org
Sat Nov 8 17:30:17 UTC 2008


Zitat von Sean Phelps <justaswinginguy at gmail.com>:

> Horde 3.3
> Apache 2.2.8
> PHP 5.2.4
> slapd 2.4.9
> Ubuntu Server 8.04
> --
> I have to admit, I'm newb at OpenLDAP. I've been doing Microsoft AD
> for years, but this is very different.
>
> Short version: When I try to login, I get "Empty Result" and nothing else.
>
> Long version: I followed the NewLDAPHowTo wiki pretty closely, but
> there's few things that we're spoon fed enough, I guess. Here's the
> auth and group snippets from my conf.php:
>
> $conf['auth']['admins'] = array('admin');
> $conf['auth']['checkip'] = true;
> $conf['auth']['checkbrowser'] = true;
> $conf['auth']['alternate_login'] = false;
> $conf['auth']['redirect_on_logout'] = false;
> $conf['auth']['params']['hostspec'] = 'localhost';
> $conf['auth']['params']['basedn'] = 'dc=company,dc=local';
> $conf['auth']['params']['binddn'] =
> 'uid=admin,ou=users,ou=horde,dc=company,dc=local';
> $conf['auth']['params']['password'] = 'hldappw';
> $conf['auth']['params']['version'] = '3';
> $conf['auth']['params']['ad'] = false;
> $conf['auth']['params']['uid'] = 'uid';
> $conf['auth']['params']['encryption'] = 'ssha';
> $conf['auth']['params']['newuser_objectclass'] =
> array('shadowAccount', 'inetOrgPerson');
> $conf['auth']['params']['objectclass'] = array('shadowaccount',
> 'inetorgperson', 'simpleSecurityObject');
> $conf['auth']['params']['filter_type'] = 'objectclass';
> $conf['auth']['params']['password_expiration'] = 'no';
> $conf['auth']['driver'] = 'ldap';
>
> $conf['group']['params']['hostspec'] = 'localhost';
> $conf['group']['params']['basedn'] = 'dc=company,dc=local';
> $conf['group']['params']['binddn'] =
> 'uid=admin,ou=users,ou=horde,dc=company,dc=local';
> $conf['group']['params']['password'] = 'hldappw';
> $conf['group']['params']['version'] = '3';
> $conf['group']['params']['gid'] = 'cn';
> $conf['group']['params']['memberuid'] = 'memberUid';
> $conf['group']['params']['attrisdn'] = false;
> $conf['group']['params']['newgroup_objectclass'] = array('posixGroup',
> 'hordeGroup');
> $conf['group']['params']['objectclass'] = array('posixGroup');
> $conf['group']['params']['filter_type'] = 'objectclass';
> $conf['group']['driver'] = 'ldap';
> $conf['group']['cache'] = false;
>
> Here's my very basic LDAP tree:
> dc=company,dc=local (5)
> --cn=root
> --ou=DSA (1)
> -----cn=horde
> --ou=groups
> --ou=horde (2)
> -----ou=groups
> -----ou=users (1)
> ---------uid=admin
> --ou=people
>
> I've tried logging in using the root user, the horde user, and the
> admin user and their respective passwords but get the same result. I
> even tried using the full DN for each user just in case. I've also
> tried using cn=root,dc=company,dc=local as the "binddn" in case it was
> a permissions issue, and that didn't work either.
>
> One other thing I might mention is whenever I try to include the
> horde.schema into my slapd.conf file, it won't start. I don't know if
> that's required for authentication or just preference storage, but
> whatever.

Check your LDAP log files, in both cases. And also check your Horde  
log file, after setting the log level to PEAR_LOG_DEBUG.

Jan.

-- 
Do you need professional PHP or Horde consulting?
http://horde.org/consulting/



More information about the horde mailing list