leenooks / phpLDAPadmin

phpLDAPadmin - Web based LDAP administration tool
www.phpldapadmin.org
GNU General Public License v2.0

Getting Error: 597: LDAP Server Unavailable #257

Closed shredda closed 6 months ago

shredda commented 6 months ago

**Describe the bug**
While trying to access my LDAP server via PLA2 docker container I get the error: 597: LDAP Server Unavailable

**To Reproduce**
Steps to reproduce the behavior:

  1. I use docker container version leenooks/phpldapadmin:2.0.0-dev
  2. I start the container with `docker run -p 80:80 --env APP_KEY=base64:<> --env LDAP_HOST=127.0.0.1 leenooks/phpldapadmin:2.0.0-dev`
  3. The startup messages look good:

    Encryption keys already exist. Use the --force option to overwrite them.
    * Starting NGINX...
    [22-Feb-2024 09:47:08] NOTICE: fpm is running, pid 1
    [22-Feb-2024 09:47:08] NOTICE: ready to handle connections

  4. Accessing the web page results in the error above
  5. The console output of the docker container is:
     "<myyip> -  22/Feb/2024:09:47:13 +0000 "GET /index.php" 59"
  6. Capturing traffic with "tcpdump -vni any port 389" does not show any attempt to access port 389
  7. Using "ldapsearch -x -H ldap://127.0.0.1/" works fine, so the LDAP server responds on port 389

**Expected behavior**
Ability to login

**Screenshots**
<img width="553" alt="image" src="https://github.com/leenooks/phpLDAPadmin/assets/38114669/d1192e8c-b835-49c0-b091-d14e37324daa">

**LDAP Server details (please complete the following information):**
 - OS: Debian 10
 - Server Name OpenLDAP slapd 
 - Version 2.4.47+dfsg-3+deb10u7

**Additional context**
The exact format of the environment variable "LDAP_HOST" is not well documented.
From the table on "https://github.com/leenooks/phpLDAPadmin/wiki/Docker-Container" I would conclude that it only contains the hostname or IP address of the LDAP server. The ability to specify a port would be nice, maybe by using URL schemes like
ldap://ldapserver:389/
ldaps://ldapserver:636/

leenooks commented 6 months ago

Your docker run argument `--env LDAP_HOST=127.0.0.1` implies that the LDAP server is in the container - which there isn't one. Change this to the address where the LDAP server is.

As per the documentation - LDAP_HOST is A resolvable hostname to your LDAP server. EG: myldapserver.example.com, it is possible to use an IP address as well.

At the moment, PLA v2 doesn't support an LDAP server on any port other than 389 (thus no LDAPS).
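
The constraints on LDAP_HOST stated in this thread (bare hostname or IP, no URL scheme, no port, loopback resolves to the container itself) can be checked before the container is started. This is an added example, not part of the thread or of phpLDAPadmin; the function names and verdict words are hypothetical.

```shell
#!/bin/sh
# Added example: pre-flight check of an LDAP_HOST value for the PLA v2 container.
# Function names and verdict words are hypothetical, not phpLDAPadmin's own.

# classify_ldap_host VALUE: prints one verdict word, returns 0 only for "ok".
classify_ldap_host() {
    host=$(printf '%s' "$1" | tr 'A-Z' 'a-z')
    case $host in
        '')                   echo empty;      return 1 ;;
        *://*)                echo url-scheme; return 1 ;;  # ldap:// and ldaps:// URLs
        ::1|0:0:0:0:0:0:0:1)  echo loopback;   return 1 ;;  # IPv6 loopback
        *:*:*)                echo ok;         return 0 ;;  # other IPv6 literal, not inspected further
        *:*)                  echo host-port;  return 1 ;;  # host:port form
        localhost|127.[0-9]*) echo loopback;   return 1 ;;  # the container itself
        *)                    echo ok;         return 0 ;;
    esac
}

# explain_ldap_host VALUE: one-line message for logs or CI; returns 0 only if accepted.
explain_ldap_host() {
    verdict=$(classify_ldap_host "$1") || true
    case $verdict in
        ok)         echo "LDAP_HOST=$1 accepted; the server must answer on port 389" ;;
        empty)      echo "LDAP_HOST is empty" ;;
        url-scheme) echo "LDAP_HOST=$1 rejected: give a hostname or IP address, not a URL" ;;
        host-port)  echo "LDAP_HOST=$1 rejected: a port cannot be specified" ;;
        loopback)   echo "LDAP_HOST=$1 rejected: loopback is the container itself" ;;
    esac
    [ "$verdict" = ok ]
}

# Usage before starting the container (command as given in the issue):
#   explain_ldap_host "$LDAP_HOST" && docker run -p 80:80 --env APP_KEY=base64:<> \
#       --env LDAP_HOST="$LDAP_HOST" leenooks/phpldapadmin:2.0.0-dev
```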