LDAP Not Working


by Vishal Lanke -
Number of replies: 12

Moodle version - 3.4.

Below LDAP details are verified by ADMIN of Active Directory.

I am getting error as - 

Test authentication settings - LDAP server

LDAP paged results not supported (either your PHP version lacks support, you have configured Moodle to use LDAP protocol version 2 or Moodle cannot contact your LDAP server to see if paged support is available.)


I entered below details inside Moodle -> LDAP
  • LDAP server settings section
    • Host URL: ldap://192.168.x.x
    • Use TLS: No
    • Version: 3
    • LDAP encoding: utf-8
  • Bind settings
    • Don't cache passwords: Yes
    • Distinguished name: CN=RG IN USER, OU=UsersFunctional,OU=_Central,OU=IN,OU=RA003,DC=ad001,DC=sts,DC=net
    • Password: Pass-Word
  • User lookup settings
    • User Type: MS Active Directory
    • Contexts: DC=ad001,DC=sts,DC=net
    • Search subcontexts: Yes
    • Dereference aliases: No
    • User attribute: samaccountname
    • Member attribute uses dn: 1
  • Force change password
    • Password format: Plain text
  • Data mapping
    • First name: givenName
    • Surname: sn
    • Email address: mail


  • Distinguished name: CN=RG IN USER, OU=UsersFunctional, OU=_Central,OU=IN,OU=RA003,DC=ad001,DC=sts,DC=net

RG IN USER is able to search any user inside DC=ad001,DC=sts,DC=net. I tested this using LDP.exe. Please check below details. Server on which Moodle is hosted is also part of domain.



Settings Inside LDP

  1. Open LDP.EXE
  2. Bind to IP Address. Enter 192.x.x.x
  3. Domain = AD001, User = Z00369HG (it is the above user, RG IN USER), Password - Enter Password
  4. Click on Bind
  5. User can see message of Success.
  6. Select Browse, Select Context as DC=ad001,DC=sts,DC=net
  7. Click on Search
  8. Path = DC=ad001,DC=sts,DC=net
  9. Search Criteria = (samAccountName=Z003948)
  10. Click on OK
  11. It searches and returns details of Z003948 user


Still inside Moodle it is not working


In reply to Vishal Lanke

Re: LDAP Not Working

by Anze Pratnemer -
I had a similar issue; my LDAP provider had a FW up that prevented my server from accessing the LDAP service.


Had to move my server to a different network to be able to access the LDAP service.

In reply to Anze Pratnemer

Re: LDAP Not Working

by Vishal Lanke -

Thanks for Quick Reply.

The server on which I have hosted Moodle is in the same network as the LDP Server. From that machine, I can access LDP.EXE and am able to connect.

In reply to Vishal Lanke

Re: LDAP Not Working

by Anze Pratnemer -

Did you try adding port 389 to server's IP?


And be sure to open that port 389 on server side.

In reply to Anze Pratnemer

Re: LDAP Not Working

by Vishal Lanke -

I added 389 Port. Still same error.

I think the port must be open because, using LDP.EXE, I am able to connect and bind to the LDAP Server.

In reply to Vishal Lanke

Re: LDAP Not Working

by Anze Pratnemer -

OK, then you should check the PHP settings. Do you have phpX.X-ldap installed? There are two more PHP packages that need to be installed, I think.


After installing, enable it in php.ini if it's not enabled yet and restart Apache.

In reply to Anze Pratnemer

Re: LDAP Not Working

by SATHISH KUMAR B -

Two packages:

1. mod_ldap

2. mod_authnz_ldap


Installed the httpd service, loaded with the config file located at

/etc/httpd/conf.modules.d/01-ldap.conf


and I am still getting the same error message.

I have tested the following code on versions 3.4 and 3.5.2 with the bind user; both established a connection with ldap_connect(), but binding fails on version 3.5.2.


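<?php
// Stand-alone bind test against the directory, run outside Moodle.
$server = 'ldaps://ldap.klh.local';
$admin  = 'CN=Kumar B,CN=Users,DC=klh,DC=local';
$passwd = 'Kluh@xxx';

// With a URI, ldap_connect() only validates the syntax and prepares the
// handle; the network connection is not opened until ldap_bind() is called,
// so a non-false result here does not prove the server is reachable.
$ds = ldap_connect($server);

if ($ds) {
    // Bind with the service account DN.
    $r = ldap_bind($ds, $admin, $passwd);
    echo $r;
    if (!$r) {
        // Report the library's reason for the failure, not just that it failed.
        die("ldap_bind failed: " . ldap_error($ds) . "<br>");
    }

    echo "ldap_bind success";
    ldap_close($ds);
} else {
    echo "Unable to connect to LDAP server";
}
?>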


In reply to SATHISH KUMAR B

Re: LDAP Not Working

by Anze Pratnemer -

Are you completely sure that you are actually using that config file? The path to the config looks like some really old version of Apache.

Newer Apache configs are usually located in /etc/apache2/


To eliminate the possible PHP misconfig, you can install PHP 7.1.17 and overwrite the PHP config with a working one if you still have it (just be sure to overwrite the correct file, backup first ofc) and tell unix to use strictly the older PHP version. For Ubuntu:

sudo update-alternatives --set php /usr/bin/php7.1.17


Another debug step would be to run that snippet of PHP on some phpfiddle or even on your own machine outside the Moodle ecosystem and check if it does something.



In reply to Anze Pratnemer

Re: LDAP Not Working

by SATHISH KUMAR B -
Thanks, Anze Pratnemer


I am hosted on CentOS 7.5 Minimal version. The default Apache config directory is /etc/httpd


I also tried updating PHP to 7.1.17. Again the same error message was showing.


Finally, I installed CentOS 7.5 with GUI and solved the issue by setting the following

setsebool -P httpd_can_connect_ldap 1

Now my application is working fine with LDAP configuration on all versions up to latest moodle 3.5.2 release.


Thank you 

Sathish Kumar B
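
The boolean set above controls whether SELinux lets the web server open connections to LDAP ports. As an added example (not part of the original posts), this script scans audit log lines for exactly that kind of denial, so the cause can be confirmed before the boolean is changed; the sample log lines are constructed and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: find SELinux AVC denials where the web server (httpd_t)
# was refused an outbound TCP connection to an LDAP port (ldap_port_t).

# Constructed sample of audit.log lines (not taken from the thread).
SAMPLE_AUDIT='type=AVC msg=audit(1537430400.123:456): avc:  denied  { name_connect } for  pid=1234 comm="httpd" dest=389 scontext=system_u:system_r:httpd_t:s0 tcontext=system_u:object_r:ldap_port_t:s0 tclass=tcp_socket
type=AVC msg=audit(1537430401.456:457): avc:  denied  { name_connect } for  pid=1234 comm="httpd" dest=636 scontext=system_u:system_r:httpd_t:s0 tcontext=system_u:object_r:ldap_port_t:s0 tclass=tcp_socket
type=AVC msg=audit(1537430402.789:458): avc:  denied  { read } for  pid=2001 comm="httpd" name="config.php" scontext=system_u:system_r:httpd_t:s0 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file
type=SYSCALL msg=audit(1537430400.123:456): arch=c000003e syscall=42 success=no exit=-13 comm="httpd" exe="/usr/sbin/httpd"'

# Read audit lines on stdin; print the distinct destination ports of
# httpd_t -> ldap_port_t name_connect denials, one per line.
ldap_denied_ports() {
    awk '
        /type=AVC/ && /denied/ && /name_connect/ &&
        /scontext=[^ ]*:httpd_t:/ && /tcontext=[^ ]*:ldap_port_t:/ {
            for (i = 1; i <= NF; i++)
                if ($i ~ /^dest=/) { sub(/^dest=/, "", $i); print $i }
        }' | sort -n -u
}

# Read audit lines on stdin; return 0 and print a hint if SELinux blocked
# LDAP traffic from the web server, return 1 otherwise.
diagnose_ldap_selinux() {
    ports=$(ldap_denied_ports | tr '\n' ' ')
    if [ -n "$ports" ]; then
        echo "SELinux denied httpd -> LDAP on port(s): ${ports% }"
        echo "check: getsebool httpd_can_connect_ldap"
        return 0
    fi
    echo "no httpd -> LDAP denials found"
    return 1
}

# Run on the constructed sample. On a real host, feed it the audit log:
#   diagnose_ldap_selinux < /var/log/audit/audit.log
printf '%s\n' "$SAMPLE_AUDIT" | diagnose_ldap_selinux
```

A match here while `ldap_bind()` fails from PHP but LDP.exe or a command-line client succeeds points at the SELinux policy rather than at the bind DN, port or PHP build.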


In reply to SATHISH KUMAR B

Re: LDAP Not Working

by Vishal Lanke -
Good to know that it is resolved :)


I am still facing same issue

To try different setup-

  1. I installed Bitnami Windows Moodle Stack
  2. LDAP is enabled inside PHP.INI. If I comment it, I can see error as LDAP is not configured.
  3. I have verified DN, CN settings with AD Team and it is correct.
  4. LDAP version is 3
  5. Port 389 is Enabled

Still same error.

Am I missing anything ?

In reply to Vishal Lanke

Re: LDAP Not Working

by Vishal Lanke -

I added debug inside LDAPlib.PHP.

Below line is throwing Error-

$bindresult = @ldap_bind($connresult, $bind_dn, $bind_pw);

$bindresult is Unsuccessful 

In reply to Vishal Lanke

Re: LDAP Not Working

by SATHISH KUMAR B -

Hi,

I am facing the same issue with the LDAP config on version 3.5.2, with the following message. I am installing on a new server with version 3.5.2 and PHP 7.1.22.


LDAP paged results not supported (either your PHP version lacks support, you have configured Moodle to use LDAP protocol version 2 or Moodle cannot contact your LDAP server to see if paged support is available.)

The same configuration is working good on moodle 3.4 version with php 7.1.17 with secure LDAP of MS Active Directory.


Sathish Kumar
