NTML SSO LDAP

NTML SSO LDAP

by Chris Prot -
Number of replies: 3

LDAP works, but it gives an error when installing SSO Winbind and SAmba are configured on the servers Apache 2 Server Configuration

2024-11-26_10-40-55.png

smb.conf

2024-11-26_11-08-49.png

really redirect before you start page output

  • line 1341 of /lib/outputrenderers.php: call to debugging()
  • line 3105 of /lib/weblib.php: call to core_renderer->redirect_message()
  • line 32 of /auth/ldap/ntlmsso_finish.php: call to redirect()      

What could be the mistake?

Thanks!

     

Average of ratings: -
In reply to Chris Prot

Re: NTML SSO LDAP

by Iñaki Arenaza -
Picture of Core developers Picture of Documentation writers Picture of Peer reviewers Picture of Plugin developers

You probably have some PHP file that is outputing some content (usually some white space, or some empty new lines), before .../auth/ldap/ntlmsso_finish.php calls to redirect(). The config.php file at the Moodle root directory is one of the usual suspects (but not the only option). It could also be the auth/ldap/ntlmsso_finish.php file itself!

Make sure you don't have any empty lines or white spaces before the opening <?php tag in your PHP files, or after the closing ?> tag if you have it (you shouldn't have one, to prevent this kind of trouble precisely smile)

Otherwise, some other piece of code is outputing some content to the page, before .../auth/ldap/ntlmsso_finish.php calls to redirect()

Saludos.

Iñaki.

Average of ratings: -
In reply to Iñaki Arenaza

Re: NTML SSO LDAP

by Dan Marsden -
Picture of Core developers Picture of Particularly helpful Moodlers Picture of Peer reviewers Picture of Plugin developers Picture of Plugins guardians Picture of Testers Picture of Translators
just spotted this (after) commenting on the tracker issue that you reported here:
https://tracker.moodle.org/browse/MDL-83816

There does look to be a bug in the ntlmsso_finish.php script - it shouldn't have the line here:
https://github.com/moodle/moodle/blob/main/auth/ldap/ntlmsso_finish.php#L31

But - turn debugging / display errors off (which you should have off in production anyway) and that error should go away and it should instead report a login failure on the login page (possibly as the ntlm connection is not pulling through the username correctly or the user doesn't exist in the site.)
Average of ratings: -
In reply to Dan Marsden

Re: NTML SSO LDAP

by Chris Prot -

I commented out the line and removed "developer" in debugging and set it to "standard", but the error still didn't go away. And if it does, then logging in via SSO doesn't work. The server is in a domain, checks via winbind are fine, but it doesn't work on the site page itself.

image.png

Average of ratings: -