search

osixia / docker-phpLDAPadmin

phpLDAPadmin container image 🐳🌴
MIT License
844 stars 197 forks source link

Error: Can't contact LDAP server (-1) for user when using openldap #29

Closed Karel-van-de-Plassche closed 7 years ago

Karel-van-de-Plassche commented 7 years ago

Using the following docker-compose file, I cannot log in on the phpLDAPadmin page:

#SNIPPED
  ldap-service:
    image: osixia/openldap:1.1.8
    hostname: ldap-service
  phpldapadmin-service:
    image: osixia/phpldapadmin:0.6.12
    hostname: phpldapadmin-service
    environment:
      - PHPLDAPADMIN_HTTPS="false"
      - PHPLDAPADMIN_LDAP_HOSTS="ldap-host"
    links:
      - ldap-service:ldap-host
    ports:
      - "80:80"

Gives errors:

error   Unable to connect to LDAP server "ldap-host"
Error: Can't contact LDAP server (-1) for user
error   Failed to Authenticate to server
Invalid Username or Password.

When I log into phpldapadmin-service using

sudo docker exec -t -i gkdbdocker_phpldapadmin-service_1 /bin/bash

and install ldap-utils, I can connect to the ldap-host correctly:

root@phpldapadmin-service:/# ldapsearch -x -H ldap://ldap-host -b dc=example,dc=org -D "cn=admin,dc=example,dc=org" -w admin
# extended LDIF
#
# LDAPv3
# base <dc=example,dc=org> with scope subtree
# filter: (objectclass=*)
# requesting: ALL
#

# example.org
dn: dc=example,dc=org
objectClass: top
objectClass: dcObject
objectClass: organization
o: Example Inc.
dc: example

# admin, example.org
dn: cn=admin,dc=example,dc=org
objectClass: simpleSecurityObject
objectClass: organizationalRole
cn: admin
description: LDAP administrator
userPassword:: e1NTSEF9Z1g0TWRYdE9ocVlhbWtuRENwQmJxdDRqeTFKeWg3Ylg=

# search result
search: 2
result: 0 Success

# numResponses: 3
# numEntries: 2

Also, starting the containers using docker run works correctly:

docker run --name ldap-service --hostname ldap-service --detach osixia/openldap:1.1.8
docker run -p 80:80 --name phpldapadmin-service --hostname phpldapadmin-service --link ldap-service:ldap-host --env PHPLDAPADMIN_HTTPS=false --env PHPLDAPADMIN_LDAP_HOSTS=ldap-host --detach osixia/phpldapadmin:0.6.12
robinzimmermann commented 7 years ago

@Karel-van-de-Plassche, I got it working with the following docker-compose file. Note that it doesn't using docker links, since they are superseded by networks.

version: '2'

services:

  ldap-host:
    image: osixia/openldap:1.1.8
    networks:
      mynet:
    environment:
      - LDAP_ORGANISATION="My Company"
      - LDAP_DOMAIN=my-company.com
      - LDAP_ADMIN_PASSWORD=admin

  ldap-admin:
    image: osixia/phpldapadmin:0.6.12
    networks:
      mynet:
    ports:
      - "6080:80"
    environment:
      - PHPLDAPADMIN_LDAP_HOSTS=ldap-host
      - PHPLDAPADMIN_HTTPS=false

networks:
  mynet:
    driver: bridge
    ipam:
      config:
        - subnet: 172.31.0.0/16
          gateway: 172.31.0.1
Karel-van-de-Plassche commented 7 years ago

Thanks for this workaround. In the end, I worked around it by creating my own image. Somehow then it works with the default docker-compose network.

SemaLuna commented 5 years ago

For all those poor souls that end up here alongside myself - the issue in this case (or at least what it was for me) was that you should NOT use quotation marks when defining the ENV variable PHPLDAPADMIN_LDAP_HOSTS

Example (from first compose file snippet):

msca79 commented 4 years ago

In my case it was the host computer firewall. The two docker container (openldap and phpldapadmin) can ping each other, but can not see any other port. Turning off firewall solved this problem. (Better is you configure firewall)