Noviceuser's picture

 Ok so I just DL'd PHPBB a few hours ago and have been playing with it, trying to set everything in motion.

 

When I go to Client Communication -->  Authentication I have the drop-down option of LDAP however when I put everything in I get a message stating:

 

Information

LDAP extension not available.

 

 

What do I need to do to get this working?

Forum: 
Jeremy Davis's picture

I can't answer this question directly but while you wait for someone else I have a few ideas...

From my reading of this page it seems like that is something that is generally set up on install (although I only skimmed it, probably pay to read it properly to be sure). I suspect there is a way of doing it post install though. Maybe have a look on the phpBB support pages or forums or even post there. In my very brief travels over there I did notice something about setting it up in the Administration page?!

As the Appliance page does not mention LDAP at all perhaps LDAP is not something available by default? Being open source I am sure there is a way to get it working, although it may take a little research.

Noviceuser's picture

 Ok here's the thing...

 

There is no "install" if you will with the Turnkey "installation".  In other words it's all automated.  So when I installed I only was able to provide an IP address and that was it!

I did find the setup portion on the ACP.  It is under  Client Communication --> Authentication

Then you select Ldap from there and fill out the required settings.

The first time I tried it I was receiving an error along the lines that it is "not available".  So I tried to track that down and I found how to add it on the "jumpbox" appliance install.  That seemed to install for me as well and then my error changed to the one I put up here about not being able to bind to account etc.

I just can't figure out if there is something I'm missing or what.  I want to install this on a VM and this seemed to be the quickest/easiest way to do so but it may be missing quite a few things.  If nobody else responds to this with any knowledge on this then I may just try to install this VM from the beginning again and see if I missed ANYTHING having to do with LDAP on installation and then probably just install as a full install appliance etc.

Noviceuser's picture

I did try the support pages and forums over at the phpbb site as well as MANY other places however the issue is that the "appliance" install seems to be missing some things or has some things in different places.  I did try to get OPENLdap working and still something seems to be "off".  I don't understand really because everything from within the ACP shows PHP having what it needs and that it's enabled etc. 

Jeremy Davis's picture

It all sounds very strange! What you are saying suggests to me the possibility of a bug in the TKL phpBB appliance. Unfortunately I am not in a position to test this to confirm that possibility.

If LDAP support appears to be enabled but doesn't work then in my mind that would be a bug. However if the devs did not plan for LDAP support (either intentionally or unintentionally) then it is more a situation of unsupporteddded funtionality. We really need to hear from Alon or Liraz to confirm this either way.

As for my reference to "something that is generally set up on install" I wasn't referring to you installing the TKL appliance, but the actual install of phpBB on the initial prototype (or master) that the TKL devs created (which was then converted to an iso/vm image). Thus I was suggesting the possibility that this function may not have been initially included. This would be well outside of your control during install of TKL phpBB.

To confirm whether it is a TKL bug and/or phpBB bug and/or a specific site/system LDAP bug it may be worth using TKL LAMP as a base and installing phpBB on top of that yourself. I remember installing phpBB some time ago and it was all pretty straightforward from memory. Probably even more-so on top of TKL LAMP (I did it from scratch - although admitedly on a Windows Server system using WAMP as a base).

If you choose to tread this path then please document this process so that (assuming it works) you could feed this info back to Alon and Liraz.

Good luck!

Noviceuser's picture

 Ok... 

I did go and install LAMP TKL and install PHPBB and the same thing...  nothing.  I followed straight-up install guide from PHPBB.  

I think the issue here has to do with LDAP support from PHP.  Apparently in the LAMP or PHPBB install (which I assume has LAMP underneath it) TKL did not install LDAP support in PHP.

From what I have found from that, if you install when you setup your box (meaning setting up the "P" in LAMP) it is straight forward (mostly reading from how-to forge it seems that way anyway) but "adding" it after the fact seems almost near impossible if you don't know what you are doing (which is part of the reason (mostly with php) that I chose to go this route.

I have posted on PHPBB's...  well BB in the support section about this trying to find out what I can.  I will definitely report back any findings on this as I'm sure I'm not the only one that is looking to do this.  The only thing I've found so far is that I have to recompile the PHP install and start over again :(  Hopefully this is not true.

Alon Swartz's picture

I quickly skimmed the above posts, so I hope I am not missing anything. From what I understand you need the LDAP PHP libraries. Installing them should be as simple as:
apt-get update
apt-get install php5-ldap
Just to be clear, you should already have an LDAP server setup so phpBB can use it.

I hope the above helps. If it does, let us know and we will include php5-ldap in future versions of TurnKey phpBB.
Noviceuser's picture

I believe I already did this from one of the things I read about.  Yes...  I read about it on a jumpbox post of a similar thing.

I cannot find the "code" box on here but I just ran it and this is what I got: (great now I don't know how to get out)  The return is below at the bottom of the post.

 

What happened was when I did this I noticed that in the ACP in PHP setup I had 2 areas that referred to LDAP; they both said they were working (or enabled) and my error message turned from the "not installed" to the "Could not bind with username/password" error.

What kills me is that I don't see anything on the logs on my AD DC that shows a request was made and dropped etc.  And I don't know where any log is on the *nix box to look through to see just what may be causing the issue.

I know that if I fill out the information and leave the "password" field blank I get a "could not connect to LDAP server" message and when I fill out the password I get a "could not bind..." error message which is strange to me considering I should still be trying a password.  So it makes me think that Yes something is connecting to LDAP and SEEING it but somehow it's not doing SOMETHING.  

I even read where people said they had to create an account with the same name for it to "bind" to but even that didn't help.

I am going to open up a fresh VM, and run the php-ldap install and then try (without touching anything else) to see if I can connect....

Ok same thing.  I don't know if it is settings or what.  I've followed what everyone has said:

Method: Ldap
Server:  [IP Address]
Port:  BLANK (Default)
BaseDN:  DC=domain,DC=com         (would represent my domain as domain.com)
LDAP uid:  sAMAccountName         (setting I got from numerous posts)
Filter:    BLANK
LDAP e-mail attribute:  mail          (again another setting found online)
LDAP user dn:  CN=administrator,OU=Users,DC=domain,DC=com          (representing administratior of domain.com)
LDAP pass:  [password for administratior of domain.com account]

 

Maybe I'm wrong somewhere here?

 

 

root@phpbb:~# sudo apt-get install php5-ldap
Reading package lists... Done
Building dependency tree
Reading state information... Done
php5-ldap is already the newest version.
0 upgraded, 0 newly installed, 0 to remove and 1 not upgraded.
 

 

Noviceuser's picture

 Ok got it working....

Thanks to a  post here:  http://www.phpbb.com/community/viewtopic.php?f=46&t=576624&start=0

The caveat is that you must create a user in phpbb that has an account in AD that you make an owner/admin IN phpbb.

After you have that it's just a matter of the CORRECT settings.  For my settings I said I used I had one line WRONG:

USERdn:  CN=administrator,CN=Users,DC=domain,DC=com

I hda OU=Users which is WRONG!

So as long as that is there, you should be ok.  I tested on a "fresh" server install and it worked immeidately.

Thank you everyone.

Alon Swartz's picture

You mentioned you got it working on a fresh install, so you didn't need to install php5-ldap? Also, could you summarize what you did into tutorial form, I'm sure it will help others who come across this thread.
Jeremy Davis's picture

But I have never used php-ldap so can't specifically comment...

I spent heaps of time initially trying to get LDAP logins working with Alfresco. It sounds similar to your issue (it seemed to be connected but then wouldn't allow log in from users).

In the end I found a 'LDAP browser' type GUI app (installed on my laptop which is not part of the work domain) to test LDAP connections. Once I tried to connect to LDAP with that I discovered that my Win (2008R2) server wasn't quite configured right... A few tweaks in Windows and it all worked fine. It was a while ago so I'm sorry I don't recall exactly what the issue was...

IIRC what made it harder to pin down was that my initial testing (with the GUI app) was from a Win computer that was on the Windows domain. I can only assume that because that computer was part of the domain, LDAP (from that PC) worked fine OOTB...

Although obviously if you are already using LDAP elsewhere successfully then maybe that isn't your issue!?

Add new comment