LDAP Connector stops working when using INI config instead of PHP array

Go To StackoverFlow.com

0

I have this function:

<?php
private function spawnAdapter($credentials) {

    //$ldapConfig = array("server1" => array(
    //  "host" => "172.16.100.32",
    //  "useStartTls" => 1,
    //  "accountDomainName" => "schoolxp",
    //  "accountDomainNameShort" => "schoolxp",
    //  "accountCanonicalForm" => 3,
    //  "baseDn" => "DC=schoolxp",
    //));

    // We must retrieve the LDAP servers from the conf
    $ldapConfig = $this->_config->ldap->toArray();

    // Remove the log path, otherwise the adapter will think this is
    // one of our servers and fail.
    unset($ldapConfig['log']);   

    $adapter = new Zend_Auth_Adapter_Ldap(
        $ldapConfig, 
        $credentials['username'], 
        $credentials['password']
    );

    return $adapter;

}
?>

and also a ini config file that looks like the following:

[production]
ldap.log.enabled = 1
ldap.log.path = "../logs/ldap.log"
; Place your Active Directory Server Settings Here.
ldap.server1.host = "172.16.100.32"
ldap.server1.useStartTls = 1
ldap.server1.accountDomainName = "schoolxp"
ldap.server1.accountDomainNameShort = "schoolxp"
ldap.server1.accountCanonicalForm = 3
ldap.server1.baseDn = "DC=schoolxp"

The code works fine when the PHP Array is used for the Auth_Adapter, however if I switch to use the INI config it fails with an unknown error.

I have ran print_f on both the INI file array and the PHP Array and they are identical, however the LDAP adapter still throws an exception in the log file.

Interestingly the connection string in the log is identical for both the INI file and the array.. For those interested here is the log file: http://pastebin.com/V5Nyz9FK

Any light on the situation would be greatly appreciated

2012-04-03 19:56
by Brad Morris


0

It seems to me that the LDAP Adapter tries to connect to the wrong port (0). Please try to specify it using:

ldap.server1.port = 389

or whatever port you're using.

2012-04-03 20:17
by Khôi
Tried adding both 389 and 636 (LDAP over SSL/TLS) however this did not work still - I still get the "Unknown Error Code" error when trying to connect - Brad Morris 2012-04-03 20:22
Do you have a valid certificate (a self-signed one will not work) on your AD server? If not, you might want to try connecting without TLS first - Khôi 2012-04-03 21:09
That did the trick!

It doesnt explain why having it set in the ini file doesnt work however, because essentially the LDAP Adapter receives exactly the same (or so I think) array regardless of which config is used, and it works when a native PHP array is used with exactly the same setting - Brad Morris 2012-04-03 23:04

@BradMorris Then you wouldn't mind accepting my answer then? : - Khôi 2012-04-04 07:03
Although this fixes the issue, it does not really answer my question - why does this occur? Both arrays are essentially the same so why does one work and the other doesnt - Brad Morris 2012-04-04 10:26