Setup a new server using CentOS 7 and PHP 5.6 instead of PHP 7.0 and now LDAP works. Anyone else get LDAP / AD authentication working on CentOS 7 and PHP 7?Is there an easy way to downgrade Observium to PHP5.6?Dan.On Mon, Feb 6, 2017 at 11:05 AM, Dan Letkeman <danletkeman@gmail.com> wrote:Thanks for the tip. Debugging works now. However it doesn't seem to point to any problem in particular. "Error binding to LDAP server". If I use the same credentials with a different system it works fine. Any other thoughts?LDAP[Connecting to ldap.domain.ca]LDAP[Connected]LDAP[Referrals][Disabled]LDAP[Version][Set to 3]LDAP[Bind DN called]LDAP[Bind][cn=ldapproxy,cn=Users,dc=domain,dc=ca] Error binding to LDAP server: ldap.domain.ca: Can't contact LDAP serverOn Mon, Feb 6, 2017 at 10:46 AM, Tom Laermans <tom.laermans@powersource.cx> wrote:Dan,
To debug authentication issues you need to set $config['web_debug_unprivilege
d'] to TRUE (i advise you to disable it again later, as it leaks configuration data to any non-admin, even non-logged-in person) Tom
On 02/06/2017 05:44 PM, Dan Letkeman wrote:
Hello,
I'm trying to setup AD Ldap authentication and getting nowhere. I'm running observium version 17.1.8318 and PHP 7.0.15. I have ldap enabled and I have verified that with phpinfo. When I try to login with these settings in my config.php it just goes back to the login page with no failed login message or any other notice. I have tried to use observium.domain.com/debug/ but it does the same thing.
$config['auth_ldap_binddn'] = "cn=ldapproxy,cn=Users,dc=domain,dc=ca"; $config['auth_ldap_bindpw'] = "password";$config['auth_ldap_attr']['uid'] = "sAMAccountName"; $config['auth_ldap_attr']['uidNumber'] = "objectSid"; $config['auth_ldap_attr']['cn'] = "name"; $config['auth_ldap_attr']['dn'] = "distinguishedname"; $config['auth_ldap_objectclass'] = "person"; $config['auth_ldap_version'] = 3;$config['auth_ldap_server'] = "ldap.domain.ca";$config['auth_ldap_port'] = 389;$config['auth_ldap_starttls'] = FALSE;$config['auth_ldap_prefix'] = "CN=";$config['auth_ldap_suffix'] = ",DC=domain,DC=ca";$config['auth_ldap_group'] = array("CN=Domain Admins,OU=Users,DC=domain,DC=ca"); $config['auth_ldap_groupbase'] = "OU=Users,DC=domain,DC=ca";$config['auth_ldap_groupmembertype'] = "fulldn"; $config['auth_ldap_groupmemberattr'] = "member"; unset($config['auth_ldap_groups']); $config['auth_ldap_groups']['CN=Domain Admins,OU=Users,DC=domain,DC=C a']['level'] = 10; $config['auth_ldap_groups']['CN=Domain Users,OU=Users,DC=domain,DC=Ca ']['level'] = 1;
Is there a log somewhere that shows whats happening?
Also I am unable to start httpd on centos7 with these virtual host settings as per the installation manual:
<VirtualHost *>DocumentRoot /opt/observium/html/ServerName observium.domain.caCustomLog /opt/observium/logs/access_log combinedErrorLog /opt/observium/logs/error_log<Directory "/opt/observium/html/">AllowOverride AllOptions FollowSymLinks MultiViewsRequire all granted</Directory></VirtualHost>
Thee customlog and errorlog lines have to be commented out for the server to start. Can anyone verify that those log settings work on centos7? Perhaps I have some kind of rights issues with the files?
Thanks,
Dan.
_______________________________________________ observium mailing list observium@observium.org http://postman.memetic.org/cgi -bin/mailman/listinfo/observiu m
_______________________________________________
observium mailing list
observium@observium.org
http://postman.memetic.org/cgi-bin/mailman/listinfo/observiu m