AD Auth: LDAPS connection fails

Hey there.
Currently I’m setting up a Dolibarr server with LDAP Auth against AD (more precisely, a UCS server):

  • Dolibarr 12.0.2
  • Ubuntu 18.04
  • PHP 7.2.24, Apache 2.4.29, MariaDB 10.1.44
  • self-made installation, Linux level: elaborated

I entered the same credentials as used in other applications and double-checked them, but the DEBUG log says:

2020-08-31 18:31:42 WARNING 192.168.5.10    Ldap::connect_bind failed to start tls
2020-08-31 18:31:42 DEBUG   192.168.5.10    Ldap::connect_bind try bindauth for activedirectory on ldaps://ucs01.domain.lan/ user=cn=ldap-read,ou=Users,ou=domain,dc=domain,dc=lan password=******
2020-08-31 18:31:42 WARNING 192.168.5.10    Ldap::connect_bind return=-1 - Failed to connect to LDAP:

I added the server’s certificate to /etc/ssl/certs/ca-certificates.crt as mentioned in /etc/ldap/ldap.conf. Moreover, I also added TLS_REQCERT never to this file.

Via the command line I tried the general connectivity:

ldapsearch -H ldaps://ucs01.domain.lan -b "ou=domain,dc=domain,dc=lan" -D "cn=ldap-read,ou=Users,ou=domain,dc=domain,dc=lan" "uid=dennis" -x -w "*******"

Works well. I thought it could be a PHP issue and placed this file into the web root:

<?php
ini_set('display_errors', '1');
error_reporting(-1);

$AD_search_bind_DN = 'cn=ldap-read,ou=Users,ou=domain,dc=domain,dc=lan';
$AD_search_bind_PW = '************';
$AD_server         = 'ldaps://ucs01.domain.lan/'; // ldaps:// means TLS from the first byte, no StartTLS

// Verbose libldap debug output (global option, set before connecting)
ldap_set_option(NULL, LDAP_OPT_DEBUG_LEVEL, 7);

$conn = ldap_connect($AD_server) or die("Failed to connect to ldap server.");
// Request LDAPv3 on this connection handle
ldap_set_option($conn, LDAP_OPT_PROTOCOL_VERSION, 3);
// "." is PHP's string concatenation operator; "+" would do numeric addition
ldap_bind($conn, $AD_search_bind_DN, $AD_search_bind_PW) or die("Failed to bind to ldap server: " . ldap_error($conn));
print("Successful LDAP bind.");
?>

Result: “Successful LDAP bind.” What else can be the problem?

I found my “mistake”. In the GUI I chose the URL as ldaps://servername and TLS=yes, which seems to be LDAP with START TLS and not LDAPS. After changing to TLS=no, it worked at that point.

One additional question regarding the LDAP integration:

In the wiki, I find scripts mentioned like ldap2dolibarr.php, but cannot find them in Dolibarr 12. Even more, I cannot log in with my AD password. I can just create a local user and get the LDAP information once during the creation - is this the LDAP integration of Dolibarr?

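Added example, not part of the original posts and not Dolibarr's own code: a PHP helper that picks one of the two LDAP transport-security modes and rejects the ldaps:// plus StartTLS combination that produced "failed to start tls" in the log above, while keeping certificate verification on. The function name ldap_secure_connect is hypothetical; the host name and CA bundle path are the ones quoted in the thread.

```php
<?php
// Added example: ldap_secure_connect() is a hypothetical helper, not a Dolibarr API.
function ldap_secure_connect(string $uri, bool $startTls, string $caFile)
{
    $scheme = strtolower((string) parse_url($uri, PHP_URL_SCHEME));

    if ($scheme !== 'ldap' && $scheme !== 'ldaps') {
        throw new InvalidArgumentException("Unsupported scheme: $scheme");
    }
    if ($scheme === 'ldaps' && $startTls) {
        // ldaps:// is already TLS from the first byte, so a StartTLS
        // request on top of it fails.
        throw new InvalidArgumentException('Use either ldaps:// or ldap:// with StartTLS, not both.');
    }
    if ($scheme === 'ldap' && !$startTls) {
        // A simple bind over plain ldap:// sends the password unencrypted.
        throw new InvalidArgumentException('ldap:// requires StartTLS.');
    }

    // TLS options are process-wide and must be set before ldap_connect().
    ldap_set_option(null, LDAP_OPT_X_TLS_CACERTFILE, $caFile);
    ldap_set_option(null, LDAP_OPT_X_TLS_REQUIRE_CERT, LDAP_OPT_X_TLS_DEMAND);

    $conn = ldap_connect($uri); // only validates the URI, no network traffic yet
    if ($conn === false) {
        throw new RuntimeException("Invalid LDAP URI: $uri");
    }
    ldap_set_option($conn, LDAP_OPT_PROTOCOL_VERSION, 3); // StartTLS needs LDAPv3

    if ($startTls && !ldap_start_tls($conn)) {
        throw new RuntimeException('StartTLS failed: ' . ldap_error($conn));
    }
    return $conn;
}

// Constructed demo: the GUI settings from the thread (ldaps:// URL with TLS=yes)
// are rejected before any connection is attempted.
$ca = '/etc/ssl/certs/ca-certificates.crt';
try {
    ldap_secure_connect('ldaps://ucs01.domain.lan/', true, $ca);
} catch (InvalidArgumentException $e) {
    echo 'Rejected: ', $e->getMessage(), PHP_EOL;
}

// The working setting (TLS=no in the GUI): implicit TLS via ldaps://.
$conn = ldap_secure_connect('ldaps://ucs01.domain.lan/', false, $ca);
```

With LDAP_OPT_X_TLS_DEMAND the later bind only succeeds if the server certificate chains to the CA file, which is the opposite of the TLS_REQCERT never setting.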