[Ltb-users] PHP Requirements El5

Clément OUDOT clem.oudot at gmail.com
Mon Oct 13 14:42:01 CEST 2014


2014-10-13 10:46 GMT+02:00 Neil <nwilson123 at gmail.com>:

> Thanks Clement,
>
> I tried the rpm on el6 and it works as well and I think I've sorted
> out my LDAP settings as I now get...
>
> [Mon Oct 13 10:37:54 2014] [error] [client 160.128.20.4] PHP Warning:
> ldap_get_values(): Cannot get the value(s) of attribute Decoding error
> in /usr/share/self-service-password/pages/change.php on line 121,
> referer: http://127.0.0.1:800/
> [Mon Oct 13 10:37:54 2014] [error] [client 160.128.20.4] PHP Warning:
> preg_match_all(): Compilation failed: missing terminating ] for
> character class at offset 2 in
> /usr/share/self-service-password/lib/functions.inc.php on line 171,
> referer: http://127.0.0.1:800/
> [Mon Oct 13 10:37:54 2014] [error] [client 160.128.20.4] Cannot modify
> AD password as user, referer: http://127.0.0.1:800/
> [Mon Oct 13 10:37:54 2014] [error] [client 160.128.20.4] PHP Notice:
> Undefined index: changehelpextramessage in
> /usr/share/self-service-password/pages/change.php on line 184,
> referer: http://127.0.0.1:800/
>
> Then if I try changing to manager as to who sets the password I get
> the following...
>
> [Mon Oct 13 10:41:11 2014] [error] [client 160.128.20.4] PHP Warning:
> ldap_get_values(): Cannot get the value(s) of attribute Decoding error
> in /usr/share/self-service-password/pages/change.php on line 121,
> referer: http://127.0.0.1:800/
> [Mon Oct 13 10:41:11 2014] [error] [client 160.128.20.4] PHP Warning:
> preg_match_all(): Compilation failed: missing terminating ] for
> character class at offset 2 in
> /usr/share/self-service-password/lib/functions.inc.php on line 171,
> referer: http://127.0.0.1:800/
> [Mon Oct 13 10:41:11 2014] [error] [client 160.128.20.4] PHP Warning:
> ldap_mod_replace(): Modify: Constraint violation in
> /usr/share/self-service-password/lib/functions.inc.php on line 275,
> referer: http://127.0.0.1:800/
> [Mon Oct 13 10:41:11 2014] [error] [client 160.128.20.4] LDAP - Modify
> password error 19 (Constraint violation), referer:
> http://127.0.0.1:800/
> [Mon Oct 13 10:41:11 2014] [error] [client 160.128.20.4] PHP Notice:
> Undefined index: changehelpextramessage in
> /usr/share/self-service-password/pages/change.php on line 184,
> referer: http://127.0.0.1:800/
>
>
> ...which as I see on the url you gave me says that AD won't allow me
> to reset the password as the user unless I use SSL, which I
> unfortunately can't do because I'm using Samba4 for my AD and I can't
> control the SSL certificates. Unless I've misunderstood this
> completely.
>
>

I never tested Samba4, but with AD, it indeed requires SSL to modify the
password. The constraint violation error can also mean that the password
quality is to low. Have you tried a complex password? If this does not
solve your problem, you may need to configure SSL on Samba4  LDAP.



> Do you know if there is a way around this, below are my current config
> options...
>
> $ldap_url = "ldap://192.168.0.8";
> $ldap_binddn = "myadmin at mydomain.local";
> $ldap_bindpw = "mypass";
> $ldap_base = "dc=mydomain,dc=local";
> $ldap_login_attribute = "sAMAccountName";
> #$ldap_login_attribute = "uid";
> $ldap_fullname_attribute = "cn";
> $ldap_filter = "(&(objectClass=person)($ldap_login_attribute={login}))";
>
> $ad_mode = true;
> #$who_change_password = "user";
> $who_change_password = "manager";
>
> Not sure if there's actually a way around ?
>
>


Configuration seems ok to me.



Clément.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ltb-project.org/pipermail/ltb-users/attachments/20141013/c20d9108/attachment.htm>


More information about the ltb-users mailing list