Hi Luckmore, Welcome to the VCL community! Thanks for your interest in using VCL.
It sounds like your LDAP configuration is mostly correct. You have affiliationid set to 6 for your "BU LDAP" entry. Do you have an entry in your affiliation table with and id of 6? I'd recommend enabling php error logging so that you can see what error is being hit a little more clearly. I'd recommend modifying /etc/php.ini and configuring it to log to syslog. You'll also need to ensure log_errors is set to On. log_errors = On error_log = syslog You can also configure it to log to a file, but getting the permissions correct for that to work can be tricky. The file has to be owned by the same user that httpd runs as. After modifying php.ini, you'll need to restart httpd. Once you have logging enabled, try logging in with LDAP again and see if you see more information about the error in /var/log/messages. Let us know how it goes. Josh On Monday, September 21, 2020 4:47:23 PM EDT L Chirongo wrote: > Hello, > > I have set up LDAPS on my Active directory to authenticate VCL using a > self-signed wildcard certificate. Running *generic.php* is successful, > giving a *Binding successful* message. > > Also, running *openssl s_client -showcerts -CAfile > /etc/pki/tls/certs/ca-bundle.crt -connect ad1.domain.ac.bw:636 > <http://ad1.domain.ac.bw:636>* gives a *“Verify return code: 0 (ok)”* > message. > > However when I try to authenticate using LDAP in VCL I get Error: An error > has occurred. If this problem persists, please email... > > Attached are configured parts of my generic.php, conf.php and ldapauth.php > files. > > Thanks in advance for assistance. > > Regards, > Luckmore Chirongo -- ------------------------------- Josh Thompson Systems Programmer Virtual Computing Lab (VCL) North Carolina State University josh_thomp...@ncsu.edu 919-515-5323 my GPG/PGP key can be found on pool.sks-keyservers.net All electronic mail messages in connection with State business which are sent to or received by this account are subject to the NC Public Records Law and may be disclosed to third parties.
signature.asc
Description: This is a digitally signed message part.
