Auth LDAP + CAS sporadic bind error

by jasper boyd -
Number of replies: 2

Hey all, having a weird sporadic bind error with our authentication system. The error happens roughly 10% of the time but will still pass you through if you hit continue.

The Error reads:

LDAP-module cannot connect to any servers: Server: 'ldaps://animal.clarku.edu', Connection: 'Resource id #85', Bind result: ''

With Stacktrace:


  • line 476 of /lib/setuplib.php: moodle_exception thrown
  • line 2084 of /auth/ldap/auth.php: call to print_error()
  • line 246 of /auth/ldap/auth.php: call to auth_plugin_ldap->ldap_connect()
  • line 469 of /auth/cas/auth.php: call to auth_plugin_ldap->get_userinfo()
  • line 3905 of /lib/moodlelib.php: call to auth_plugin_cas->get_userinfo()
  • line 4244 of /lib/moodlelib.php: call to update_user_record()
  • line 139 of /login/index.php: call to authenticate_user_login()


Tracked down in the logs here:

Jun 10 15:46:11 <servername> slapd[2881]: conn=###### fd=## ACCEPT from IP=###.###.#.##:56227 (IP=###.###.#.#:636)
Jun 10 15:46:11 <servername> slapd[2881]: conn=###### fd=## closed (TLS negotiation failure)

We're using the latest version of Moodle 2.5 and I'm wondering if this could potentially be fixed in 2.6 or 2.7, although we don't have PHP 5.4 on our test servers so I have no expedient way to find out.

All the LDAP setup information should be correct (if it wasn't, I don't think we'd be able to log in at all).
Average of ratings: -
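To put a number on "roughly 10% of the time" from the server side, the slapd lines quoted above can be paired up by connection id. The following is an added example, not part of the original posts: it assumes unmasked log lines in the same format, the function name is hypothetical, and the sample lines are constructed.

```python
import re
from collections import defaultdict

# Constructed sample in slapd's connection-log format (not real data).
SAMPLE = """\
Jun 10 15:46:10 ldap1 slapd[2881]: conn=1001 fd=14 ACCEPT from IP=192.0.2.10:56101 (IP=192.0.2.1:636)
Jun 10 15:46:10 ldap1 slapd[2881]: conn=1001 fd=14 TLS established tls_ssf=256 ssf=256
Jun 10 15:46:10 ldap1 slapd[2881]: conn=1001 fd=14 closed
Jun 10 15:46:11 ldap1 slapd[2881]: conn=1002 fd=14 ACCEPT from IP=192.0.2.10:56227 (IP=192.0.2.1:636)
Jun 10 15:46:11 ldap1 slapd[2881]: conn=1002 fd=14 closed (TLS negotiation failure)
Jun 10 15:46:12 ldap1 slapd[2881]: conn=1003 fd=15 ACCEPT from IP=192.0.2.20:40112 (IP=192.0.2.1:636)
Jun 10 15:46:12 ldap1 slapd[2881]: conn=1003 fd=15 closed
Jun 10 15:46:13 ldap1 slapd[2881]: conn=1004 fd=14 ACCEPT from IP=192.0.2.10:56230 (IP=192.0.2.1:636)
Jun 10 15:46:13 ldap1 slapd[2881]: conn=1004 fd=14 closed
Jun 10 15:46:14 ldap1 slapd[2881]: conn=999 fd=16 closed (TLS negotiation failure)
""".splitlines()

ACCEPT = re.compile(r"slapd\[\d+\]: conn=(\d+) fd=\d+ ACCEPT from IP=([\d.]+):\d+ ")
CLOSED = re.compile(r"slapd\[\d+\]: conn=(\d+) fd=\d+ closed(?: \((.*)\))?")


def tls_failure_rates(lines):
    """Return {client_ip: (tls_failures, total_connections)} for the given lines."""
    client_of = {}                       # open conn id -> client IP
    stats = defaultdict(lambda: [0, 0])  # client IP -> [failed, total]
    for line in lines:
        if m := ACCEPT.search(line):
            client_of[m.group(1)] = m.group(2)
            stats[m.group(2)][1] += 1
        elif m := CLOSED.search(line):
            # pop() so a conn id reused after a slapd restart is not miscounted;
            # None means the matching ACCEPT is outside this log window.
            ip = client_of.pop(m.group(1), None)
            if ip and m.group(2) == "TLS negotiation failure":
                stats[ip][0] += 1
    return {ip: (failed, total) for ip, (failed, total) in stats.items()}


if __name__ == "__main__":
    for ip, (failed, total) in sorted(tls_failure_rates(SAMPLE).items()):
        print(f"{ip}: {failed}/{total} connections failed TLS ({failed / total:.0%})")
```

A per-client breakdown shows whether the failures come only from the Moodle host or from every LDAPS client, which narrows where to look next.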
In reply to jasper boyd

Re: Auth LDAP + CAS sporadic bind error

by jasper boyd -

In case this happens to anyone else, I was able to fix this with the following lines in /auth/ldap/auth.php

In the ldap_connect method, approx. line 2040 (bolded parts are my additions):


function ldap_connect($tries = 0) {

        if(!empty($this->ldapconnection)) {
            $this->ldapconns++;
            return $this->ldapconnection;
        }

        if($ldapconnection = ldap_connect_moodle($this->config->host_url, $this->config->ldap_version,
                                                 $this->config->user_type, $this->config->bind_dn,
                                                 $this->config->bind_pw, $this->config->opt_deref,
                                                 $debuginfo, $this->config->start_tls)) {
            $this->ldapconns = 1;
            $this->ldapconnection = $ldapconnection;
            return $ldapconnection;

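        } else {
                // Retry up to 3 times before reporting the connection failure.
                if ($tries >= 3) {
                        print_error('auth_ldap_noconnect_all', 'auth_ldap', '', $debuginfo);
                } else {
                        // Call this method (not PHP's global ldap_connect()), pass the
                        // incremented count, and hand the connection back to the caller.
                        return $this->ldap_connect($tries + 1);
                }
        }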

    }



Average of ratings: Useful (1)
In reply to jasper boyd

Re: Auth LDAP + CAS sporadic bind error

by Matthew Koelling -

Thank you for this Jasper.

Any reason why this is happening? Seems kinda weird to me. We are using 2.8 and having the same problem, but your suggestion fixed the issue.