* When typing in a username in add staff section im getting these error:

Call to a member function bind() on a non-object in

phar:///../upload/include/plugins/auth-ldap.phar/authentication.php on

line 170, referer: http://.../upload/scp/staff.php?a=add

* And this other error when trying to login:

Call to a member function rootDse() on a non-object in

phar:///.../upload/include/plugins/auth-ldap.phar/authentication.php

on line 250, referer: http://.../upload/scp/login.php

Enviroment:

Fresh OST install with LDAP plugin active (no AD).LDAP Authentication and lookup config:Default Domain:  ourdomain.edu

DNS Servers:    zzz.yyy.xxx.www

LDAP servers:    ldaps://ldap.ourdomain.edu (+ tried also with )

Use TLS:    No

Search User:    cn=ldap.domain.alt,ou=users,dc=ourdomain,dc=edu

Search Base:    ou=users,dc=ourdomain,dc=edu

LDAP Schema:    Autom detect

Staff Authentication: Yes

* ldapsearch works fine on server CentOS console using the above LDAP server config.

osTicket Versionv1.9.6 (9adad36)Web Server SoftwareApacheMySQL Version5.5.37PHP Version5.3.3

All php extesions active.

pear/net_ldap2 installed.

Thank you!!!

Frank

From where did you download the plugin?I would recommend to get it from osticket.com/download and not from github since then the dependencies like net_ldap2 are already built into the phar ;)Beside, take a look at the following discussion: http://forum.osticket.com/d/discussion//problems-with-ldap-auth-and-http-passthru-authentication

One more thing...At the "LDAP Servers" just enter the server names of your AD or the IP's instead of ldaps://ldap.ourdomain... since I'm not sure such kind of server name / address will work.

I'm already using the plugin from osticketws.com. I added the net_ldap2 just looking a solution, because i read it in the same discussion you quote.If I change the ldaps://ldap.ourdomain... and use the IP instead, I get the messages:Unable to connect any listed LDAP serversBind failed: Can't contact LDAP server: Unknown Net_LDAP2 Error (-1): Unable to bind to (the ldap server IP)

So from what I see this seems to be not an osTicket problem I think.Check out if the following may help:http://forum.osticket.com/d/discussion//ldap-authentication-and-lookup-errorWhen not, I'd suggest to set up a net_ldap2 test script and make sure that it connects to your ldap. When this is then working I'd check back at osTicket.

4 days later

Tested a net_ldap2 script: Can connect to our ldap server normaly and search users by cn.( We use the same script found here: http://forum.osticket.com/d/discussion//ldap-od-issue )Any idea to keep on searching?Thank you!!

ntozier, yes dowloaded from ostickets.com

That is really weird and I currently have no idea how to further troubleshoot this to find the solution, especially since a net_ldap2 test script works fine.

Maybe something to do with AD? The 'Default Domain' field is the only one we don't use in the net_ldap2 test script.We don't have any AD but we need to fill the Microsoft AD section of the plugin config page.If left empty, we get the error: Fully-qualified domain name is expectedMicrosoft® Active DirectoryThis section should be complete for Active Directory domainsDefault Domain:          ourdomain.eduDefault domain used in authentication and searches

Finally I've found what's wrong!!I've configured a new test LDAP server and it works, BUT only when the LDAP Schema is POSIX account.Our production LDAP server schema is not based on a POSIX Account and OST only accepts Microsoft AD or Posix schemas. Despite we have the same attributes needed by OST (first name, last name and mail) from the objectClass "inetOrgPerson", we cannot use OST agaist our production LDAP server. :-(Would it be possible opennig the plugin to have other Ldap schemas than Posix Account?Thank you!!!Cesc

Yes. The plugin repo is here:https://github.com/osTicket/core-plugins

Write a Reply...