Always, posted August 19, 2014 (edited)

Hi, I'm trying to make a simple connection from my CentOS server to my test domain. I have disabled the firewall on the Windows Server and CentOS.

Installed php-ldap.x86_64 : A module for PHP applications that use LDAP

Print screen from my AD.

The error I get:

Warning: ldap_bind(): Unable to bind to server: Can't contact LDAP server in /var/www/html/edit/ldap.php on line 16
LDAP bind failed...

I can telnet from the CentOS terminal to the DC fine:

telnet dc1.devlab.local 389

The script I'm using is this:

<?php

// using ldap bind
$ldaphost = 'dc1.devlab.local';
$ldaprdn = 'uid=ldap,OU=testOU,DC=devlab,DC=local';
$ldappass = '123456ABCabc';
$ldapport = '389';

// connect to ldap server
$ldapconn = ldap_connect($ldaphost, $ldapport)
    or die("Could not connect to LDAP server.");

if ($ldapconn) {

    // binding to ldap server
    $ldapbind = ldap_bind($ldapconn, $ldaprdn, $ldappass);

    // verify binding
    if ($ldapbind) {
        echo "LDAP bind successful...";
    } else {
        echo "LDAP bind failed...";
    }
}

?>

Edited August 19, 2014 by Always

Barand, posted August 19, 2014

I haven't worked with AD for a while now but when I did I found the ADLDAP class invaluable.

https://github.com/adldap/adLDAP

jazzman1, posted August 19, 2014

Can I see the outputs of:

netstat -t | grep :ldap

or

netstat -t | grep :389

and

nmap -Pn dc1.devlab.local // if you've got nmap installed on the CentOS box

How about running telnet from another domain?

Always (author), posted August 20, 2014 (edited)

In my lab env I have a workstation also. I downloaded PuTTY to telnet to dc1. I get an error msg: Network error: Connection refused.

From cmd using Windows telnet, from pc1w7x64:

telnet dc1.devlab.local 398

I get a blinking _

When I press enter I return to c:\users\usr01>

Edited August 20, 2014 by Always

Always (author), posted August 20, 2014

> Can I see the outputs of:
> netstat -t | grep :ldap
> or
> netstat -t | grep :389
> and
> nmap -Pn dc1.devlab.local // if you've got nmap installed on the CentOS box
> How about running telnet from another domain?

The netstat -t command is on dc1.devlab.local, right? Or is it on the CentOS terminal?

When I type netstat nothing happens in CentOS?

The netstat -t works on dc1 but not the "i grep : 389" part.

Always (author), posted August 20, 2014

From the DC I can ping the CentOS server, but from the CentOS server I can't ping dc1.devlab.local. But I can ping the dc1 IP address? Seems my CentOS can resolve the DNS name?

Always (author), posted August 20, 2014 (edited)

Okay, I have fixed the DNS issue. CentOS can now ping dc1.devlab.local.

The result from the nmap scan:

[root@localhost /]# nmap -Pn dc1.devlab.local

Starting Nmap 6.40 ( http://nmap.org ) at 2014-08-20 14:43 EDT
Nmap scan report for dc1.devlab.local (192.168.2.11)
Host is up (0.00040s latency).
Not shown: 981 closed ports
PORT      STATE SERVICE
53/tcp    open  domain
80/tcp    open  http
88/tcp    open  kerberos-sec
135/tcp   open  msrpc
139/tcp   open  netbios-ssn
389/tcp   open  ldap
445/tcp   open  microsoft-ds
464/tcp   open  kpasswd5
593/tcp   open  http-rpc-epmap
636/tcp   open  ldapssl
2701/tcp  open  sms-rcinfo
3268/tcp  open  globalcatLDAP
3269/tcp  open  globalcatLDAPssl
49152/tcp open  unknown
49153/tcp open  unknown
49154/tcp open  unknown
49155/tcp open  unknown
49157/tcp open  unknown
49158/tcp open  unknown
MAC Address: 08:00:27:24:E6:98 (Cadmus Computer Systems)

Nmap done: 1 IP address (1 host up) scanned in 10.66 seconds
[root@localhost /]#

Edited August 20, 2014 by Always

jazzman1, posted August 20, 2014

What is the IP address of the CentOS server? If the server is reachable from outside you need to PREROUTING its IP to the new destination.

Something like:

-A PREROUTING -d 10.10.1.0/24 -p tcp -m tcp --dport 90 -j DNAT --to-destination 192.168.2.11:389

This means that every machine belonging to this network (10.10.1.0/24 or IP range of 10.10.1.1-255) with a request on port 90 will be redirected to 192.168.2.11 listening on port 389.

I still need to see the output of netstat!
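
A staged check for the failure discussed in this thread, as an added example that is not part of any post above: it tests name resolution, TCP reachability and the bind separately from inside PHP, so "Can't contact LDAP server" can be pinned to one stage. `diagnose_ldap()` is a hypothetical helper, and `LDAP_BIND_DN` / `LDAP_BIND_PW` are assumed environment variable names; host and port are the thread's values.

```php
<?php
// Added example, not code from the thread. diagnose_ldap() is a hypothetical helper.
function diagnose_ldap($host, $port, $bindDn, $bindPw, $timeout = 5)
{
    // A DN with an empty password is an unauthenticated bind, which some
    // servers report as success. Refuse it before touching the network.
    if (!is_string($bindDn) || $bindDn === '' || !is_string($bindPw) || $bindPw === '') {
        return 'config: bind DN or password missing';
    }

    // Stage 1: name resolution. gethostbyname() returns its input unchanged on failure.
    $ip = gethostbyname($host);
    if ($ip === $host && filter_var($host, FILTER_VALIDATE_IP) === false) {
        return "dns: cannot resolve $host";
    }

    // Stage 2: TCP reachability of the LDAP port from this PHP process.
    $errno = 0;
    $errstr = '';
    $sock = @fsockopen($ip, $port, $errno, $errstr, $timeout);
    if ($sock === false) {
        return "tcp: $ip:$port unreachable ($errno $errstr)";
    }
    fclose($sock);

    // Stage 3: with OpenLDAP-based builds ldap_connect() only prepares the
    // handle; the connection is opened by the first operation, so a network
    // failure surfaces at ldap_bind() and the "or die" branch never fires.
    $conn = ldap_connect("ldap://$host:$port");
    if ($conn === false) {
        return 'ldap_connect: invalid URI';
    }
    ldap_set_option($conn, LDAP_OPT_PROTOCOL_VERSION, 3);
    ldap_set_option($conn, LDAP_OPT_NETWORK_TIMEOUT, $timeout);

    // Stage 4: simple bind. On port 389 without TLS the password travels unencrypted.
    if (!@ldap_bind($conn, $bindDn, $bindPw)) {
        $msg = sprintf('bind: %s (errno %d)', ldap_error($conn), ldap_errno($conn));
        ldap_unbind($conn);
        return $msg;
    }
    ldap_unbind($conn);
    return 'ok';
}

// Credentials are read from the environment instead of being hardcoded.
echo diagnose_ldap('dc1.devlab.local', 389, getenv('LDAP_BIND_DN'), getenv('LDAP_BIND_PW')), PHP_EOL;
```

Run it the same way the failing script runs (through the web server as well as from the command line), since resolver and network access can differ between the two.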