Support » Plugin: Active Directory Integration / LDAP Integration » Unclear on connection error message meaning

  • Resolved ebertucc

    (@ebertucc)


    Hi,

    I’m trying out the free version of the plugin and am attempting to connect to my LDAP server for the first time. I’m getting an error when testing the connection with the “Bind anonymously” option checked, and one of the possible reasons listed in the error message is this:

    LDAP server is unreachable – Open a command prompt and see if you are able to ping the your LDAP server (e.g. type this command on a command prompt ping my.ldap.server. If ping is successful then only ‘contact ldap server’ will work.

    Specifically, I’m not sure what “If ping is successful then only ‘contact ldap server’ will work” means. I can successfully ping the server, but the button I pressed in the plugin that yielded this error to begin with is labeled “contact ldap server”, and that didn’t work.

    Could I get some clarification on this?

    Cheers.

Viewing 2 replies - 1 through 2 (of 2 total)
  • Plugin Author miniOrange

    (@cyberlord92)

    It is an incorrect message. We will be fixing that. You do not need to enable ping. However, access over port 389/636(whichever one is supported on your directory server) needs to be allowed from the website. There is a known issue with CentOS due to SEBooleans. You can look at the steps in the link below to bypass that.

    https://faq.miniorange.com/knowledgebase/test-connection-error/

    Thanks for the response.

    I eventually figured out my problem. For anyone else running Windows, you may have to manually add an ldap.conf file at c:\openldap\sysconf\ldap.conf

    Mine just contains the line “TLS_CACERT c:\path\to\certs\cacert.pem” and it works fine now.

    Evidently, this openldap\sysconf path is hardcoded, so the file has to go there. See the discussion here (and elsewhere in the comments): https://www.php.net/manual/en/function.ldap-connect.php#36156

Viewing 2 replies - 1 through 2 (of 2 total)
  • You must be logged in to reply to this topic.