Hi,
I used LTB awhile back on Solaris 10 with OpenCSW Apache, libraries,
etc. We are setting it up in our Solaris 11 environment, but I don't
seem to be able to get past this issue.
After entering my uid and email address, I am getting "Login or password
incorrect". I get the following in my Apache errors.log:
[Wed Sep 16 09:35:25 2015] [error] [client 10.2.3.100] PHP Warning:
ldap_set_option(): supplied argument is not a valid ldap link resource
in /var/apache2/2.2/htdocs/pages/sendtoken.php on line 72, referer:
http://mfmp-ssrc-zon-xxxxxx/
[Wed Sep 16 09:35:25 2015] [error] [client 10.2.3.100] PHP Stack trace:,
referer: http://mfmp-ssrc-zon-xxxxxx/
[Wed Sep 16 09:35:25 2015] [error] [client 10.2.3.100] PHP 1. {main}()
/var/apache2/2.2/htdocs/index.php:0, referer: http://mfmp-ssrc-zon-xxxxxx/
[Wed Sep 16 09:35:25 2015] [error] [client 10.2.3.100] PHP 2.
include() /var/apache2/2.2/htdocs/index.php:136, referer:
http://mfmp-ssrc-zon-xxxxxx/
[Wed Sep 16 09:35:25 2015] [error] [client 10.2.3.100] PHP 3.
ldap_set_option() /var/apache2/2.2/htdocs/pages/sendtoken.php:72,
referer: http://mfmp-ssrc-zon-xxxxxx/
[Wed Sep 16 09:35:25 2015] [error] [client 10.2.3.100] PHP Warning:
ldap_set_option(): supplied argument is not a valid ldap link resource
in /var/apache2/2.2/htdocs/pages/sendtoken.php on line 73, referer:
http://mfmp-ssrc-zon-xxxxxx/
[Wed Sep 16 09:35:25 2015] [error] [client 10.2.3.100] PHP Stack trace:,
referer: http://mfmp-ssrc-zon-xxxxxx/
[Wed Sep 16 09:35:25 2015] [error] [client 10.2.3.100] PHP 1. {main}()
/var/apache2/2.2/htdocs/index.php:0, referer: http://mfmp-ssrc-zon-xxxxxx/
[Wed Sep 16 09:35:25 2015] [error] [client 10.2.3.100] PHP 2.
include() /var/apache2/2.2/htdocs/index.php:136, referer:
http://mfmp-ssrc-zon-xxxxxx/
[Wed Sep 16 09:35:25 2015] [error] [client 10.2.3.100] PHP 3.
ldap_set_option() /var/apache2/2.2/htdocs/pages/sendtoken.php:73,
referer: http://mfmp-ssrc-zon-xxxxxx/
[Wed Sep 16 09:35:25 2015] [error] [client 10.2.3.100] PHP Warning:
ldap_bind() expects parameter 1 to be resource, boolean given in
/var/apache2/2.2/htdocs/pages/sendtoken.php on line 77, referer:
http://mfmp-ssrc-zon-xxxxxx/
[Wed Sep 16 09:35:25 2015] [error] [client 10.2.3.100] PHP Stack trace:,
referer: http://mfmp-ssrc-zon-xxxxxx/
[Wed Sep 16 09:35:25 2015] [error] [client 10.2.3.100] PHP 1. {main}()
/var/apache2/2.2/htdocs/index.php:0, referer: http://mfmp-ssrc-zon-xxxxxx/
[Wed Sep 16 09:35:25 2015] [error] [client 10.2.3.100] PHP 2.
include() /var/apache2/2.2/htdocs/index.php:136, referer:
http://mfmp-ssrc-zon-xxxxxx/
[Wed Sep 16 09:35:25 2015] [error] [client 10.2.3.100] PHP 3.
ldap_bind() /var/apache2/2.2/htdocs/pages/sendtoken.php:77, referer:
http://mfmp-ssrc-zon-xxxxxx/
[Wed Sep 16 09:35:25 2015] [error] [client 10.2.3.100] PHP Warning:
ldap_errno() expects parameter 1 to be resource, boolean given in
/var/apache2/2.2/htdocs/pages/sendtoken.php on line 82, referer:
http://mfmp-ssrc-zon-xxxxxx/
[Wed Sep 16 09:35:25 2015] [error] [client 10.2.3.100] PHP Stack trace:,
referer: http://mfmp-ssrc-zon-xxxxxx/
[Wed Sep 16 09:35:25 2015] [error] [client 10.2.3.100] PHP 1. {main}()
/var/apache2/2.2/htdocs/index.php:0, referer: http://mfmp-ssrc-zon-xxxxxx/
[Wed Sep 16 09:35:25 2015] [error] [client 10.2.3.100] PHP 2.
include() /var/apache2/2.2/htdocs/index.php:136, referer:
http://mfmp-ssrc-zon-xxxxxx/
[Wed Sep 16 09:35:25 2015] [error] [client 10.2.3.100] PHP 3.
ldap_errno() /var/apache2/2.2/htdocs/pages/sendtoken.php:82, referer:
http://mfmp-ssrc-zon-xxxxxx/
[Wed Sep 16 09:35:25 2015] [error] [client 10.2.3.100] PHP Warning:
ldap_search(): supplied argument is not a valid ldap link resource in
/var/apache2/2.2/htdocs/pages/sendtoken.php on line 90, referer:
http://mfmp-ssrc-zon-xxxxxx/
[Wed Sep 16 09:35:25 2015] [error] [client 10.2.3.100] PHP Stack trace:,
referer: http://mfmp-ssrc-zon-xxxxxx/
[Wed Sep 16 09:35:25 2015] [error] [client 10.2.3.100] PHP 1. {main}()
/var/apache2/2.2/htdocs/index.php:0, referer: http://mfmp-ssrc-zon-xxxxxx/
[Wed Sep 16 09:35:25 2015] [error] [client 10.2.3.100] PHP 2.
include() /var/apache2/2.2/htdocs/index.php:136, referer:
http://mfmp-ssrc-zon-xxxxxx/
[Wed Sep 16 09:35:25 2015] [error] [client 10.2.3.100] PHP 3.
ldap_search() /var/apache2/2.2/htdocs/pages/sendtoken.php:90, referer:
http://mfmp-ssrc-zon-xxxxxx/
[Wed Sep 16 09:35:25 2015] [error] [client 10.2.3.100] PHP Warning:
ldap_errno() expects parameter 1 to be resource, boolean given in
/var/apache2/2.2/htdocs/pages/sendtoken.php on line 92, referer:
http://mfmp-ssrc-zon-xxxxxx/
[Wed Sep 16 09:35:25 2015] [error] [client 10.2.3.100] PHP Stack trace:,
referer: http://mfmp-ssrc-zon-xxxxxx/
[Wed Sep 16 09:35:25 2015] [error] [client 10.2.3.100] PHP 1. {main}()
/var/apache2/2.2/htdocs/index.php:0, referer: http://mfmp-ssrc-zon-xxxxxx/
[Wed Sep 16 09:35:25 2015] [error] [client 10.2.3.100] PHP 2.
include() /var/apache2/2.2/htdocs/index.php:136, referer:
http://mfmp-ssrc-zon-xxxxxx/
[Wed Sep 16 09:35:25 2015] [error] [client 10.2.3.100] PHP 3.
ldap_errno() /var/apache2/2.2/htdocs/pages/sendtoken.php:92, referer:
http://mfmp-ssrc-zon-xxxxxx/
[Wed Sep 16 09:35:25 2015] [error] [client 10.2.3.100] PHP Warning:
ldap_first_entry() expects parameter 1 to be resource, boolean given in
/var/apache2/2.2/htdocs/pages/sendtoken.php on line 99, referer:
http://mfmp-ssrc-zon-xxxxxx/
[Wed Sep 16 09:35:25 2015] [error] [client 10.2.3.100] PHP Stack trace:,
referer: http://mfmp-ssrc-zon-xxxxxx/
[Wed Sep 16 09:35:25 2015] [error] [client 10.2.3.100] PHP 1. {main}()
/var/apache2/2.2/htdocs/index.php:0, referer: http://mfmp-ssrc-zon-xxxxxx/
[Wed Sep 16 09:35:25 2015] [error] [client 10.2.3.100] PHP 2.
include() /var/apache2/2.2/htdocs/index.php:136, referer:
http://mfmp-ssrc-zon-xxxxxx/
[Wed Sep 16 09:35:25 2015] [error] [client 10.2.3.100] PHP 3.
ldap_first_entry() /var/apache2/2.2/htdocs/pages/sendtoken.php:99,
referer: http://mfmp-ssrc-zon-xxxxxx/
[Wed Sep 16 09:35:25 2015] [error] [client 10.2.3.100] PHP Warning:
ldap_get_dn() expects parameter 1 to be resource, boolean given in
/var/apache2/2.2/htdocs/pages/sendtoken.php on line 100, referer:
http://mfmp-ssrc-zon-xxxxxx/
[Wed Sep 16 09:35:25 2015] [error] [client 10.2.3.100] PHP Stack trace:,
referer: http://mfmp-ssrc-zon-xxxxxx/
[Wed Sep 16 09:35:25 2015] [error] [client 10.2.3.100] PHP 1. {main}()
/var/apache2/2.2/htdocs/index.php:0, referer: http://mfmp-ssrc-zon-xxxxxx/
[Wed Sep 16 09:35:25 2015] [error] [client 10.2.3.100] PHP 2.
include() /var/apache2/2.2/htdocs/index.php:136, referer:
http://mfmp-ssrc-zon-xxxxxx/
[Wed Sep 16 09:35:25 2015] [error] [client 10.2.3.100] PHP 3.
ldap_get_dn() /var/apache2/2.2/htdocs/pages/sendtoken.php:100, referer:
http://mfmp-ssrc-zon-xxxxxx/
[Wed Sep 16 09:35:25 2015] [error] [client 10.2.3.100] LDAP - User
bryanm not found, referer: http://mfmp-ssrc-zon-xxxxxx/
I'm unclear on how to verify "parameter 1".
We would like to push this service out statewide, and your help would be
much appreciated.
Thanks,
Bryan
LTB SSP 0.8
*Solaris*
SunOS mfmp-ssrc-zon-xxxxxx 5.11 11.2 sun4v sparc sun4v
*OpenLDAP*
/usr/lib/slapd -V
@(#) $OpenLDAP: slapd 2.4.30 (Aug 10 2015 03:18:25) $
@ul11sru-build:/builds/ul11u2sru-gate/components/openldap/build/sparcv7/servers/slapd
*Apache *
Server version: Apache/2.2.29 (Unix)
Server built: Dec 10 2014 08:15:48
Server's Module Magic Number: 20051115:36
Server loaded: APR 1.3.9, APR-Util 1.3.9
Compiled using: APR 1.3.9, APR-Util 1.3.9
Architecture: 32-bit
Server MPM: Prefork
threaded: no
forked: yes (variable process count)
Server compiled with....
-D APACHE_MPM_DIR="server/mpm/prefork"
-D APR_HAS_MMAP
-D APR_HAVE_IPV6 (IPv4-mapped addresses enabled)
-D APR_USE_PROC_PTHREAD_SERIALIZE
-D APR_USE_PTHREAD_SERIALIZE
-D SINGLE_LISTEN_UNSERIALIZED_ACCEPT
-D APR_HAS_OTHER_CHILD
-D AP_HAVE_RELIABLE_PIPED_LOGS
-D DYNAMIC_MODULE_LIMIT=128
-D HTTPD_ROOT="/usr/apache2/2.2"
-D SUEXEC_BIN="/usr/apache2/2.2/bin/suexec"
-D DEFAULT_PIDLOG="/var/run/apache2/2.2/httpd.pid"
-D DEFAULT_SCOREBOARD="logs/apache_runtime_status"
-D DEFAULT_LOCKFILE="/var/run/apache2/2.2/accept.lock"
-D DEFAULT_ERRORLOG="logs/error_log"
-D AP_TYPES_CONFIG_FILE="/etc/apache2/2.2/mime.types"
-D SERVER_CONFIG_FILE="/etc/apache2/2.2/httpd.conf"
*PHP*
PHP 5.3.29 (cli) (built: Jul 23 2015 07:32:51)
Copyright (c) 1997-2014 The PHP Group
Zend Engine v2.3.0, Copyright (c) 1998-2014 Zend Technologies
with Zend OPcache v7.0.2, Copyright (c) 1999-2013, by Zend Technologies
with Xdebug v2.2.0, Copyright (c) 2002-2012, by Derick Rethans
with Suhosin v0.9.33, Copyright (c) 2007-2012, by SektionEins GmbH
*config.inc.php*
cat config.inc.php |egrep -v \#
<?php
$ldap_url = "ldap://mfmp-ssrc-srv-xxxxxxxx";;
$ldap_binddn = "cn=Manager,dc=ps,dc=mymarketplace,dc=com";
$ldap_bindpw = "XXXXXXXX";
$ldap_base = "dc=ps,dc=mymarketplace,dc=com";
$ldap_login_attribute = "uid";
$ldap_fullname_attribute = "cn";
$ldap_filter = "(&(objectClass=person)($ldap_login_attribute={login}))";
$ad_mode = false;
$ad_options['force_unlock'] = false;
$ad_options['force_pwd_change'] = false;
$samba_mode = false;
$shadow_options['update_shadowLastChange'] = true;
$hash = "SHA";
$pwd_min_length = 0;
$pwd_max_length = 0;
$pwd_min_lower = 0;
$pwd_min_upper = 0;
$pwd_min_digit = 0;
$pwd_min_special = 0;
$pwd_special_chars = "^a-zA-Z0-9";
$pwd_forbidden_chars = "";
$pwd_no_reuse = true;
$pwd_complexity = 0;
$pwd_show_policy = "always";
$pwd_show_policy_pos = "above";
$who_change_password = "manager";
$use_questions = false;
$answer_objectClass = "extensibleObject";
$answer_attribute = "info";
$use_tokens = true;
$crypt_tokens = false;
$token_lifetime = "3600";
$mail_attribute = "mail";
$mail_from = "[email protected]";
$notify_on_change = true;
$use_sms = false;
$sms_attribute = "mobile";
$smsmailto = "{sms_attribute}@vtext.com";
$smsmail_subject = "Provider code";
$sms_message = "{smsresetmessage} {smstoken}";
$sms_token_length = 6;
$show_help =false;
$lang ="en";
$logo = "style/mfmp.png";
$debug = true;
$keyphrase = "secret";
$reset_request_log = "/var/log/self-service-password";
$login_forbidden_chars = "*()&|";
$use_recaptcha = false;
$recaptcha_publickey = "";
$recaptcha_privatekey = "";
$recaptcha_theme = "white";
$recaptcha_ssl = false;
$default_action = "sendtoken";
?>
*
sendtoken.php*
cat sendtoken.php |egrep -v \#
<?php
$result = "";
$login = "";
$mail = "";
$ldap = "";
$userdn = "";
$token = "";
if (isset($_POST["mail"]) and $_POST["mail"]) { $mail = $_POST["mail"]; }
else { $result = "mailrequired"; }
if (isset($_REQUEST["login"]) and $_REQUEST["login"]) { $login =
$_REQUEST["login"]; }
else { $result = "loginrequired"; }
$login = stripslashes_if_gpc_magic_quotes($login);
$mail = stripslashes_if_gpc_magic_quotes($mail);
if ( $result === "" ) {
$result = check_username_validity($login,$login_forbidden_chars);
}
if ( $result === "" ) {
if ( $use_recaptcha ) {
$resp = recaptcha_check_answer ($recaptcha_privatekey,
$_SERVER["REMOTE_ADDR"],
$_POST["recaptcha_challenge_field"],
$_POST["recaptcha_response_field"]);
if (!$resp->is_valid) {
$result = "badcaptcha";
error_log("Bad reCAPTCHA attempt with user $login");
}
}
}
if ( $result === "" ) {
$ldap = ldap_connect($ldap_url);
ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION, 3);
ldap_set_option($ldap, LDAP_OPT_REFERRALS, 0);
if ( isset($ldap_binddn) && isset($ldap_bindpw) ) {
$bind = ldap_bind($ldap, $ldap_binddn, $ldap_bindpw);
} else {
$bind = ldap_bind($ldap);
}
$errno = ldap_errno($ldap);
if ( $errno ) {
$result = "ldaperror";
error_log("LDAP - Bind error $errno (".ldap_error($ldap).")");
} else {
$ldap_filter = str_replace("{login}", $login, $ldap_filter);
$search = ldap_search($ldap, $ldap_base, $ldap_filter);
$errno = ldap_errno($ldap);
if ( $errno ) {
$result = "ldaperror";
error_log("LDAP - Search error $errno (".ldap_error($ldap).")");
} else {
$entry = ldap_first_entry($ldap, $search);
$userdn = ldap_get_dn($ldap, $entry);
if( !$userdn ) {
$result = "badcredentials";
error_log("LDAP - User $login not found");
} else {
$mailValues = ldap_get_values($ldap, $entry, $mail_attribute);
unset($mailValues["count"]);
$match = 0;
foreach ($mailValues as $mailValue) {
if (preg_match("/^$mail$/i", $mailValue)) {
$match = 1;
}
}
if (!$match) {
$result = "mailnomatch";
error_log("Mail $mail does not match for user $login");
}
}}}}
if ( $result === "" ) {
ini_set("session.use_cookies",0);
ini_set("session.use_only_cookies",1);
session_name("token");
session_start();
$_SESSION['login'] = $login;
$_SESSION['time'] = time();
if ( $crypt_tokens ) {
$token = encrypt(session_id(), $keyphrase);
} else {
$token = session_id();
}
}
if ( $result === "" ) {
$method = "http";
if ( !empty($_SERVER['HTTPS']) ) { $method .= "s"; }
$server_name = $_SERVER['SERVER_NAME'];
$server_port = $_SERVER['SERVER_PORT'];
$script_name = $_SERVER['SCRIPT_NAME'];
if ( ( $method === "http" and $server_port != "80" )
or ( $method === "https" and $server_port != "443" )
) {
$server_name .= ":".$server_port;
}
$reset_url =
$method."://".$server_name.$script_name."?action=resetbytoken&token=$token";
if ( !empty($reset_request_log) ) {
error_log("Send reset URL $reset_url \n\n", 3, $reset_request_log);
} else {
error_log("Send reset URL $reset_url");
}
$data = array( "login" => $login, "mail" => $mail, "url" =>
$reset_url ) ;
if ( send_mail($mail, $mail_from, $messages["resetsubject"],
$messages["resetmessage"], $data) ) {
$result = "tokensent";
} else {
$result = "tokennotsent";
error_log("Error while sending token to $mail (user $login)");
}
}
?>
<div class="result <?php echo get_criticity($result) ?>">
<h2 class="<?php echo get_criticity($result) ?>"><?php echo
$messages[$result]; ?></h2>
</div>
<?php if ( $result !== "tokensent" ) { ?>
<?php
if ( $show_help ) {
echo "<div class=\"help\"><p>";
echo $messages["sendtokenhelp"];
echo "</p></div>\n";
}
?>
<?php if ($use_recaptcha) recaptcha_get_conf($recaptcha_theme, $lang); ?>
<table>
<tr><th><?php echo $messages["login"]; ?></th>
<td><input type="text" name="login" value="<?php echo
htmlentities($login) ?>" /></td></tr>
<tr><th><?php echo $messages["mail"]; ?></th>
<td><input type="text" name="mail" /></td></tr>
<?php if ($use_recaptcha) { ?>
<tr><td colspan="2">
<?php echo recaptcha_get_html($recaptcha_publickey, null,
$recaptcha_ssl); ?>
</td></tr>
<?php } ?>
<tr><td colspan="2">
<input type="submit" value="<?php echo $messages['submit']; ?>"
/></td></tr>
</table>
</form>
<?php } ?>
_______________________________________________
ltb-users mailing list
[email protected]
http://lists.ltb-project.org/listinfo/ltb-users
