LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Non-*NIX Forums > Programming
User Name
Password
Programming This forum is for all programming questions.
The question does not have to be directly related to Linux and any language is fair game.

Notices

Reply
 
Search this Thread
Old 11-28-2008, 01:47 PM   #1
eantoranz
Senior Member
 
Registered: Apr 2003
Location: Colombia
Distribution: Kubuntu, Debian, Knoppix
Posts: 1,982
Blog Entries: 1

Rep: Reputation: 83
Question Ubuntu Hardy (php-ldap):Can't contact LDAP server


I just can't get it.

I'm checking with a sniffer and there's activity going on between the client and the LDAP server... as a matter of fact, the sniffer shows that the search is producing one ldap item, however, php says it can't contact the ldap server (after it has bound and everything):

Warning: ldap_search(): Search: Can't contact LDAP server in /usr/lib/squid/squid_ldap.php on line 50

Any idea what's going on? The script is working beautifully on another host with debian.
 
Old 11-29-2008, 08:26 AM   #2
ta0kira
Senior Member
 
Registered: Sep 2004
Distribution: FreeBSD 9.1, Kubuntu 12.10
Posts: 3,078

Rep: Reputation: Disabled
Does ldap work anywhere else on the system? Do you run it through PAM? If not, can you test it that way to see if it works from the host in the first place? Maybe the Debian box had certain default configurations, etc. that aren't default on the new box?
ta0kira
 
Old 11-29-2008, 09:23 AM   #3
eantoranz
Senior Member
 
Registered: Apr 2003
Location: Colombia
Distribution: Kubuntu, Debian, Knoppix
Posts: 1,982
Blog Entries: 1

Original Poster
Rep: Reputation: 83
Well.. it's a "standalone" script. No relation to PAM. What I did as a test is make an ldap search (with ldapsearch) from the host and it worked correctly (provided I gave him all the information to make the search):

Code:
ldapsearch -D DOMAIN\\username -W -x -h 192.168.0.3 -b dc=test,dc=org
I guess that rules out the ldap library as the source of the problem, right?
 
Old 11-29-2008, 06:43 PM   #4
ta0kira
Senior Member
 
Registered: Sep 2004
Distribution: FreeBSD 9.1, Kubuntu 12.10
Posts: 3,078

Rep: Reputation: Disabled
Yes, that rules out at least the ldap system itself and access to the ldap server. Have you tried to use php manually from the command line to see if the error is there? You didn't say whether that error was via the web server or not.
ta0kira

Last edited by ta0kira; 11-29-2008 at 06:44 PM.
 
Old 11-29-2008, 09:20 PM   #5
eantoranz
Senior Member
 
Registered: Apr 2003
Location: Colombia
Distribution: Kubuntu, Debian, Knoppix
Posts: 1,982
Blog Entries: 1

Original Poster
Rep: Reputation: 83
Its a standalone script. That error was running the script with php-cli
 
Old 12-02-2008, 10:10 AM   #6
eantoranz
Senior Member
 
Registered: Apr 2003
Location: Colombia
Distribution: Kubuntu, Debian, Knoppix
Posts: 1,982
Blog Entries: 1

Original Poster
Rep: Reputation: 83
I just don't get it. I compiled php from source (5.2.6) with ldap from source as well (stable 20080813) and I still get the same error:

Code:
Warning: ldap_search(): Search: Can't contact LDAP server in /usr/lib/squid/squid_ldap.php on line 50
Now, if I use wrong credentials, see what wireshark says:
Code:
5	0.007668	192.168.0.3	192.168.0.2	LDAP	bindResponse(1) invalidCredentials (80090308: LdapErr: DSID-0C09030B, comment: AcceptSecurityContext error, data 52e, v893)
Great.... but if I do it correctly, here's what wireshark says:
Code:
5	0.006400	192.168.0.3	192.168.0.2	LDAP	bindResponse(1) success
Then, when the script goes on (and the ldap_search() arrives):
Code:
6	0.006497	192.168.0.2	192.168.0.3	TCP	34406 > ldap [ACK] Seq=32 Ack=23 Win=5840 Len=0 TSV=52446489 TSER=70626564
7	0.006925	192.168.0.2	192.168.0.3	LDAP	searchRequest(2) "dc=domain,dc=org" wholeSubtree 
8	0.011334	192.168.0.3	192.168.0.2	TCP	[TCP segment of a reassembled PDU]
9	0.011457	192.168.0.3	192.168.0.2	TCP	[TCP segment of a reassembled PDU]
10	0.011522	192.168.0.2	192.168.0.3	TCP	34406 > ldap [ACK] Seq=142 Ack=2919 Win=11632 Len=0 TSV=52446490 TSER=70626564
11	0.011544	192.168.0.3	192.168.0.2	LDAP	searchResEntry(2) "CN=My Name,OU=Blah,OU=Blah,OU=Blah,DC=DOMAIN,DC=ORG" 
12	0.050479	192.168.0.2	192.168.0.3	TCP	34406 > ldap [ACK] Seq=142 Ack=3524 Win=14528 Len=0 TSV=52446494 TSER=70626564
13	0.151755	192.168.0.2	192.168.0.3	LDAP	unbindRequest(4)
etc etc

So obviously, on the wire, there's communication between the ldap server and the client.... but then PHP tells me that it can't contact the server. Has the ldap API on PHP changed or something?
 
Old 12-02-2008, 04:54 PM   #7
ta0kira
Senior Member
 
Registered: Sep 2004
Distribution: FreeBSD 9.1, Kubuntu 12.10
Posts: 3,078

Rep: Reputation: Disabled
Not sure. See if you can reduce it to a few lines, then post it.
ta0kira
 
Old 12-02-2008, 06:40 PM   #8
eantoranz
Senior Member
 
Registered: Apr 2003
Location: Colombia
Distribution: Kubuntu, Debian, Knoppix
Posts: 1,982
Blog Entries: 1

Original Poster
Rep: Reputation: 83
I took a nagging road to solve it: translated it into python. Now it's working. :-S
 
  


Reply

Tags
hardy


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
LDAP: Can't contact master ldap server rulirahm Linux - Networking 2 07-14-2014 02:02 AM
ldap_bind Can't contact LDAP server mesh2005 Linux - Networking 17 06-19-2014 08:44 AM
What causes -> Cannot contact LDAP server? factos Linux - Newbie 4 11-15-2007 09:18 AM
Can't contact ldap server(-1) justsimran Linux - General 0 06-14-2007 06:22 AM
nss_ldap, can't contact LDAP server! mesh2005 Linux - Networking 3 12-06-2005 01:22 AM


All times are GMT -5. The time now is 12:29 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration