• Recent
  • Unsolved
  • Tags
  • Popular
  • Users
  • Groups
  • Search
  • Register
  • Login
  • Recent
  • Unsolved
  • Tags
  • Popular
  • Users
  • Groups
  • Search
  • Register
  • Login

LDAP Plugin Troubles

Scheduled Pinned Locked Moved Solved
FOG Problems
3
12
2.4k
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • A
    aparker
    last edited by aparker Mar 15, 2017, 11:50 AM Mar 15, 2017, 5:49 PM

    [Wed Mar 15 11:01:20.401032 2017] [php7:warn] [pid 1887] [client 10.2.20.21:53857] PHP Warning:  sprintf(): Too few arguments in /var/www/fog/lib/plugins/ldap/class/ldap.class.php on line 829, referer: http://fogurl/fog/management/index.php
    
    1 Reply Last reply Reply Quote 0
    • A
      aparker
      last edited by Mar 15, 2017, 5:53 PM

      [Wed Mar 15 11:01:20.401092 2017] [php7:notice] [pid 1887] [client 10.2.20.21:53857] , referer: http://fogurl/fog/management/index.php
      
      G 1 Reply Last reply Mar 15, 2017, 6:02 PM Reply Quote 0
      • T
        Tom Elliott @aparker
        last edited by Mar 15, 2017, 5:54 PM

        @aparker Is samaccountname actually set to arparker on the ldap server?

        It’s making it that far, so connectivity speaking it’s working properly. At least from what I can see.

        The sprintf, while not “useful” shouldn’t be preventing issues. If you’re running 1.3.4 on all, then this error should present the same way on all systems.

        For what it’s worth I’ve found and hopefully corrected the issue of what you’ve presented here.

        Please help us build the FOG community with everyone involved. It's not just about coding - way more we need people to test things, update documentation and most importantly work on uniting the community of people enjoying and working on FOG! Get in contact with me (chat bubble in the top right corner) if you want to join in.

        Web GUI issue? Please check apache error (debian/ubuntu: /var/log/apache2/error.log, centos/fedora/rhel: /var/log/httpd/error_log) and php-fpm log (/var/log/php*-fpm.log)

        Please support FOG if you like it: https://wiki.fogproject.org/wiki/index.php/Support_FOG

        A 1 Reply Last reply Mar 15, 2017, 6:01 PM Reply Quote 0
        • A
          aparker @Tom Elliott
          last edited by Mar 15, 2017, 6:01 PM

          @Tom-Elliott It is, yes. It’s the same domain across all sites and FOG servers, so samaccountname will match across all sites and domain controllers. Authentication via that same account works on the other two servers, but not this one.

          1 Reply Last reply Reply Quote 0
          • G
            george1421 Moderator @aparker
            last edited by Mar 15, 2017, 6:02 PM

            samaccountname is essentially the NT style account name.

            According to the error message the search DN MyDN (which I assume has been obfuscated) didn’t contain the user arparker

            Make sure you have the search scope setup correctly of subtree and below

            Please help us build the FOG community with everyone involved. It's not just about coding - way more we need people to test things, update documentation and most importantly work on uniting the community of people enjoying and working on FOG!

            A 1 Reply Last reply Mar 15, 2017, 6:16 PM Reply Quote 1
            • G
              george1421 Moderator
              last edited by Mar 15, 2017, 6:05 PM

              You’ve compared the two FOG server’s settings line by line and to two ldap setups are the same, except for the ldap server being used? Have you change the non-working fog server ldap server to another site’s that is working (just to rule out the DC being at fault)?

              Please help us build the FOG community with everyone involved. It's not just about coding - way more we need people to test things, update documentation and most importantly work on uniting the community of people enjoying and working on FOG!

              1 Reply Last reply Reply Quote 0
              • A
                aparker @george1421
                last edited by Mar 15, 2017, 6:16 PM

                @george1421 You are correct, I did obfuscate the DN. The actual DN does match that of the OU containing the group we are searching on.

                I’ve compared the configs side by side via the GUI, but was curious where these settings actually get written to compare what is actually being saved. Where are these settings saved?

                Great idea on the LDAP server, I haven’t tried that. I had been pointing it to the FQDN of the domain and letting DNS pick the closest DC. I’ll try pointing it a DC that I know works and see how that goes.

                G 1 Reply Last reply Mar 15, 2017, 6:23 PM Reply Quote 0
                • G
                  george1421 Moderator @aparker
                  last edited by george1421 Mar 15, 2017, 12:24 PM Mar 15, 2017, 6:23 PM

                  @aparker The settings are saved in the mysql/mariadb database, in the LDAPServers table.

                  Do you/are you using any non-ascii characters (umlaut or accent characters) in the search DN or user accounts?

                  As for the ldap server value, we have not tested using the fqdn of your AD. In my case I always used the IP address of the closest AD/DC server that way I “know” which server its querying.

                  Please help us build the FOG community with everyone involved. It's not just about coding - way more we need people to test things, update documentation and most importantly work on uniting the community of people enjoying and working on FOG!

                  A 1 Reply Last reply Mar 15, 2017, 6:26 PM Reply Quote 0
                  • A
                    aparker @george1421
                    last edited by Mar 15, 2017, 6:26 PM

                    @george1421 No non-ascii characters in the DN or user account. I just tested a known good LDAP server, but still no dice. I even went so far as to change one of the working FOG servers from the domain FQDN to the IP of a local DC and confirmed it worked. I then used that same DC in the non-working FOG LDAP config, but authentication still fails.

                    G 1 Reply Last reply Mar 15, 2017, 6:30 PM Reply Quote 0
                    • G
                      george1421 Moderator @aparker
                      last edited by george1421 Mar 15, 2017, 12:31 PM Mar 15, 2017, 6:30 PM

                      @aparker I just sent you an IM (little talk bubble on FOG Forum tool tray).

                      And your apache error log is still throwing the same error?

                      Is there any firewall between the fog server and AD?

                      But if that was the case, the ldap plugin should have thrown a different error before this point.

                      Please help us build the FOG community with everyone involved. It's not just about coding - way more we need people to test things, update documentation and most importantly work on uniting the community of people enjoying and working on FOG!

                      A 1 Reply Last reply Mar 15, 2017, 6:45 PM Reply Quote 2
                      • A
                        aparker @george1421
                        last edited by Mar 15, 2017, 6:45 PM

                        @george1421 George hooked me up after sending him a screenshot. Turned out to be something incredibly simply on my part–search scope was set to “Base and Subtree” instead of “Subtree and below”. I seriously compared these side by side I don’t know how many times, but my brain was not seeing that difference for some reason.

                        Really appreciate the help!

                        1 Reply Last reply Reply Quote 2
                        • 1 / 1
                        1 / 1
                        • First post
                          11/12
                          Last post

                        225

                        Online

                        12.1k

                        Users

                        17.3k

                        Topics

                        155.3k

                        Posts
                        Copyright © 2012-2024 FOG Project