Always Posted August 19, 2014 Share Posted August 19, 2014 Hi Im trying to make a simple connect from my centos server to my test domain. I have disabled the firewall on the Windows Server & Centos. Installed php-ldap.x86_64 : A module for PHP applications that use LDAP print scr from my AD The ERROR i get: Warning: ldap_bind(): Unable to bind to server: Can't contact LDAP server in /var/www/html/edit/ldap.php on line 16 LDAP bind failed... I can telnet from Centos terminal too the DC fine. : telnet dc1.devlab.local 389 The script im using is this. <?php // using ldap bind $ldaphost = 'dc1.devlab.local'; $ldaprdn = 'uid=ldap,OU=testOU,DC=devlab,DC=local'; $ldappass = '123456ABCabc'; $ldapport = '389'; // connect to ldap server $ldapconn = ldap_connect($ldaphost, $ldapport) or die("Could not connect to LDAP server."); if ($ldapconn) { // binding to ldap server $ldapbind = ldap_bind($ldapconn, $ldaprdn, $ldappass); // verify binding if ($ldapbind) { echo "LDAP bind successful..."; } else { echo "LDAP bind failed..."; } } ?> Link to comment https://forums.phpfreaks.com/topic/290542-ldap_connect-unable-to-bind-to-server/ Share on other sites More sharing options...
Barand Posted August 19, 2014 Share Posted August 19, 2014 I haven't worked with AD for a while now but when I did I found the ADLDAP class invaluable. https://github.com/adldap/adLDAP Link to comment https://forums.phpfreaks.com/topic/290542-ldap_connect-unable-to-bind-to-server/#findComment-1488350 Share on other sites More sharing options...
jazzman1 Posted August 19, 2014 Share Posted August 19, 2014 Can I see the outputs of: netstat -t | grep :ldap or netstat -t | grep :389 and nmap -Pn dc1.devlab.local // if you've got an namp installed on the centos-box How about to run telnet from other domain? Link to comment https://forums.phpfreaks.com/topic/290542-ldap_connect-unable-to-bind-to-server/#findComment-1488353 Share on other sites More sharing options...
Always Posted August 20, 2014 Author Share Posted August 20, 2014 in my lab env i have a workstation also I downloaded putty to telnet to the dc1 . I get a error msg: Network error: Connection refused. from cmd using windows telnet: from pc1w7x64 telnet dc1.devlab.local 398 I get a blinking _ When i press enter i resume to c:\users\usr01> Link to comment https://forums.phpfreaks.com/topic/290542-ldap_connect-unable-to-bind-to-server/#findComment-1488423 Share on other sites More sharing options...
Always Posted August 20, 2014 Author Share Posted August 20, 2014 Can I see the outputs of: netstat -t | grep :ldap or netstat -t | grep :389 and nmap -Pn dc1.devlab.local // if you've got an namp installed on the centos-box How about to run telnet from other domain? the netstat -t command is on the dc1.devlab.local right? or is it on the centos terminal? when i type netstat nothing happen in centos? the netstat -t work on the dc1 but not the "i grep : 389" part Link to comment https://forums.phpfreaks.com/topic/290542-ldap_connect-unable-to-bind-to-server/#findComment-1488425 Share on other sites More sharing options...
Always Posted August 20, 2014 Author Share Posted August 20, 2014 from dc i can ping the centos server. but from the centos server i cant ping the dc1.devlab.local. but i can ping the dc1 ip address? seem my centos can resolve the dns name? Link to comment https://forums.phpfreaks.com/topic/290542-ldap_connect-unable-to-bind-to-server/#findComment-1488427 Share on other sites More sharing options...
Always Posted August 20, 2014 Author Share Posted August 20, 2014 okay have fixed the dns issue centos can now ping dc1.devlab.local the result from the nmap scan [root@localhost /]# nmap -Pn dc1.devlab.local Starting Nmap 6.40 ( http://nmap.org ) at 2014-08-20 14:43 EDT Nmap scan report for dc1.devlab.local (192.168.2.11) Host is up (0.00040s latency). Not shown: 981 closed ports PORT STATE SERVICE 53/tcp open domain 80/tcp open http 88/tcp open kerberos-sec 135/tcp open msrpc 139/tcp open netbios-ssn 389/tcp open ldap 445/tcp open microsoft-ds 464/tcp open kpasswd5 593/tcp open http-rpc-epmap 636/tcp open ldapssl 2701/tcp open sms-rcinfo 3268/tcp open globalcatLDAP 3269/tcp open globalcatLDAPssl 49152/tcp open unknown 49153/tcp open unknown 49154/tcp open unknown 49155/tcp open unknown 49157/tcp open unknown 49158/tcp open unknown MAC Address: 08:00:27:24:E6:98 (Cadmus Computer Systems) Nmap done: 1 IP address (1 host up) scanned in 10.66 seconds [root@localhost /]# Link to comment https://forums.phpfreaks.com/topic/290542-ldap_connect-unable-to-bind-to-server/#findComment-1488444 Share on other sites More sharing options...
jazzman1 Posted August 20, 2014 Share Posted August 20, 2014 What is the ip address of the centos server? If the server is reachable from outside you need to PREROUTING its ip to the new destination. Something like: -A PREROUTING -d 10.10.1.0/24 -p tcp -m tcp --dport 90 -j DNAT --to-destination 192.168.2.11:389 This means that every machines belong to this network (10.10.1.0/24 or ip range of 10.10.1.1-255) with a request on port 90 will be redirected to 192.168.2.11 listen on port 389 I still need to see the output of netstat! Link to comment https://forums.phpfreaks.com/topic/290542-ldap_connect-unable-to-bind-to-server/#findComment-1488451 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.