Crivaledaz / Mattermost-LDAP

This module provides an external LDAP authentication in Mattermost for the Team Edition (free).
MIT License
364 stars 71 forks source link

Ldap error "Class PDO not found", after upgrading PHP from 5.4 to 7.3 #62

Open vasanth3855 opened 4 years ago

vasanth3855 commented 4 years ago

Earlier mattermost-ldap was working fine with php5.4.

Later we upgraded php to 7.3 and we started getting the below error.

image

Kindly help me on the same.

Thanks, Vasanth

Crivaledaz commented 4 years ago

Hi,

Mattermost-LDAP V1.X is not compatible with PHP 7. If you want to use PHP 7.3, you must update Mattermost-LDAP in V2.

If you have updated the php package, maybe you need to update dependencies too, and particularly the php-pdo and php-pgsql (or php-mysql) modules.

Besides, can you specify your configuration : which OS and http server are you using ? Do you use MySQL or PostgreSQL ? What is your database version ?

Regards

vasanth3855 commented 4 years ago

Hi,

Thanks for the response.

I have upgraded mattermost-ldap V1.X to V2, and all the dependencies related to PHP also upgraded. The above mentioned issue related PDO has been fixed by adding the lib's in php.ini.

But not I'm facing problem with LDAP, the config works with the V1 but not working with V2. image

Details: OS: Linux Server: Apache2 DB: MySQL

Thanks, Vasanth

Crivaledaz commented 4 years ago

Hi,

According to your log, it seems the bind user failed to connect to LDAP. Please check, you fill ldap_bind_dn and ldap_bind_pass in oauth/LDAP/config_ldap.php, with valid credentials. Also, verify this account has a read access to the LDAP.

Besides, note that he LDAP filter format has changed between the V1 and V2. Now the value of ldap_filter need to be surrounded by parenthesis. For example, if you have an LDAP filter objectClass=person now use the following notation (objectClass=person).

Please let me know if you keep facing this issue, and give me more logs to facilitate the debug :) You can also use the ldap.php file, from the root of this reposotiry, to debug the LDAP exchanges.

Regards,

vasanth3855 commented 4 years ago

Hi,

Actually all the given information is correct and I checked the LDAP side log also, LDAP able to authenticate the provided user. But the response I'm getting (Bool(false)) on ldap_bind method.

I used ldap.php, and in test file also getting the same issue. There is no logs in error_log.

Is there any additional library needs to be enabled in PHP.ini?

Thanks, Vasanth

Crivaledaz commented 4 years ago

Hi,

In fact, PHP need 3 modules to work with Mattermost-LDAP : php-pdo, php-mysql and php-ldap. These three modules need to be installed, in a compatible version with PHP 7.3, and enable in the php.ini. Normally, these module are enabled by default during installation.

Besides, I don't understand why these modules were enabled with PHP 5.4 and are not enabled with PHP 7.3. It's strange.

Can you check all modules are enabled ? Moreover, you should enable debug logs for Apache/PHP to get more information about your error.

Regards,

vasanth3855 commented 4 years ago

Hi,

Thanks, actually I have fixed the LDAP issue. there was issue with the ldap connection with the port and I was passing the SSL params.

Now the issue is "getoauthstatetoken invalid state token", even though there is response from LDAP. image

I checked the issue #36, but couldn't get any solution.

can you please give me some solution.

Thanks, Vasanth

Crivaledaz commented 4 years ago

Hi,

I can't be clearer than my answer in issue #36.

You need to debug your Mattermost-LDAP and for that, either use Wireshark to watch network packet exchange between Mattermost and the Oauth server, or try to perform the end of the authentication process by hand. In the second case, I recommend you to follow debug instructions in issue #5.

I can't do the debug for you, you need to do it on your own instances. However, feel free to come back here to give us update about your debug process and what you find. In this case, describe clearly what you have done in what context and what you got. The complete debug process you have tried is needed to help you.

Regards,