# phpLDAPadmin Configuration



## rtwingfield (Jul 18, 2011)

I'm attempting to configure phpLDAPadmin and when I ask for this URL, http://archaxis.net/phpldapadmin/index.php, the following error is displayed in the browser:

```
Function error called incorrectly [ERROR: Setting a key [Archaxis] that isnt predefined.]
```
If the pointer in the /www/phpLDAPadmin/config/config.php file

```
$servers->setValue('Archaxis','net','OpenLDAP Server');
```
. . .is changed to

```
$servers->setValue('Xrchaxis','net','OpenLDAP Server');
```
. . .then

```
Function error called incorrectly [ERROR: Setting a key [Xrchaxis] that isnt predefined.]
```
 will be displayed.

Can someone tell me what this means and/or what to do to correct the problem?
Where should the key be predefined?

I've configured the following (per the suggestion) in the /www/phpLDAPadmin/config/config.php file:

```
/* If you are asked to put PLA in debug mode, this is how you do it: */
$config->custom->debug['level'] = 255;
$config->custom->debug['syslog'] = true;
$config->custom->debug['file'] = '/var/log/pla_debug.log';
#  $config->custom->debug['file'] = '/tmp/pla_debug.log';
```
but the log file is not created, nor are there any entries in the http server error log.

The following directives have been added to the httpd.conf file:

```
Alias /phpldapadmin/ "/usr/local/www/phpldapadmin/htdocs/"

<Directory "/usr/local/www/phpldapadmin/htdocs">
    Options none
    AllowOverride none
    Order Deny,Allow
    Deny from all
    Allow from 192.168.1 .archaxis.net
    DirectoryIndex index.php
</Directory>
```


----------



## qsecofr (Jul 18, 2011)

Is there anything logged in /var/log/httpd-error.log?
In your config.php are there any syntax errors that include the string "Archaxis"?


----------



## rtwingfield (Jul 18, 2011)

Please see edited notes above in my first post.

This from /var/log/httpd-error.log

```
[Mon Jul 18 16:35:42 2011] [notice] SIGHUP received.  Attempting to restart
[Mon Jul 18 16:35:43 2011] [warn] (22)Invalid argument: Failed to enable the 'httpready' Accept Filter
[Mon Jul 18 16:35:43 2011] [notice] Digest: generating secret for digest authentication ...
[Mon Jul 18 16:35:43 2011] [notice] Digest: done
[Mon Jul 18 16:35:44 2011] [notice] Apache/2.2.11 (FreeBSD) mod_ssl/2.2.11 OpenSSL/0.9.8e DAV/2 PHP/5.2.17 with Suhosin-Patch configured -- resuming normal operations
```
. . .and are associated with a restart of Apache.


This from /www/phpldapadmin/config/config.php

```
$servers = new Datastore();
$servers->newServer('ldap_pla');
$servers->setValue('Archaxis','net','OpenLDAP Server');

/* Examples:
   'ldap.example.com',
   'ldaps://ldap.example.com/',
   'ldapi://%2fusr%local%2fvar%2frun%2fldapi'
           (Unix socket at /usr/local/var/run/ldap) */
// $servers->setValue('server','host','127.0.0.1');

// $servers->setValue('server','port',389);
```
The previous snippet of code contains the only spelling of "Archaxis".
I have to confess that the Examples (from /www/phpldapadmin/config/config.php.example) are somewhat confusing. 

Should I enable the $servers->setValue('server','port',389); pointer?  If so, then should the "server" argument be set to something like "archaxis.net"?  (tried but didn't work.)

This from the archaxis_access_log  . . .status code 200 indicates a successful GET

```
192.168.1.1 - - [18/Jul/2011:18:21:12 -0500] "GET /phpldapadmin/index.php HTTP/1.1" 200 89
```
 . . .so the problem must be in the phpLDAPadmin configuration . . .but where?

Apparently, this pointer/directive

```
$servers->setValue('Archaxis','net','OpenLDAP Server');
```
 in the /www/phpLDAPadmin/config/config.php is not "happy".  What should take the place of "Archaxis"?


----------



## qsecofr (Jul 19, 2011)

Snippets from my config.php

```
$servers = new Datastore();
$servers->newServer('ldap_pla');
$servers->setValue('server','host','ldap://the_hostname.my_own_domain.net');
$servers->setValue('server','base',array('dc=my_own_domain,dc=net'));
$servers->setValue('login','auth_type','session');
$servers->setValue('login','bind_id','');
```

I have my own registered domain.  The base DN is mocked here as my_own_domain.net.  The host URI is the fully qualified hostname.  

HTH


----------



## rtwingfield (Jul 19, 2011)

Hey, this is great!  I cut-and-pasted your $servers->setValue args into my config.php file (correcting for my domain, of course) and _voila!_, the application started.  (Actually, it complained about permissions regarding my designation of /var/log/pla_debug.log . . .previously, I actually tried manually creating and assigning ownership, permissions, etc. just to see what would happen.  Maybe later, I'll just delete the file and re-enable the debug directives and see what happens.)

Interesting, now we move on to this message:

```
You found a non-fatal phpLDAPadmin bug!
Error:	date_default_timezone_set() [function.date-default-timezone-set]: Timezone ID ':America/Chicago' is invalid (E_NOTICE)
File:	common.php line 204, caller index.php
```

s/b 'America/Chicago' . . .without the colon (. . .a typo, probably an artifact created when updating with the vi editor), as per:

```
$config->custom->appearance['timezone'] = 'America/Chicago';
```

Thanks for the suggestions!


----------



## rtwingfield (Jul 20, 2011)

*phpLDAPadmin Login Authentication Problem*

Login to *phpLDAPadmin* is failing to authenticate the Username or Password.

This is displayed:

```
error	Unable to connect to LDAP server
Error: Invalid credentials (49) for user
error	Failed to Authenticate to server
Invalid Username or Password.
```


The login prompt for Login DN is cn=admin,dc=archaxis,dc=net and the password used corresponds to the SSHA value in the following configurations.

This in /usr/local/www/phpldapadmin/config/config.php

```
$servers->setValue('login','bind_pass','{SSHA}56dR************************krmX');

$servers->setValue('login','allowed_dns',array('cn=admin,dc=archaxis,dc=net'));
```

and this in /usr/local/etc/openldap/slapd.conf

```
suffix          "dc=archaxis,dc=net"
# changed
rootdn          "cn=admin,o=sfs"
# to
rootdn          "cn=admin,dc=archaxis,dc=net"
rootpw          {SSHA}56dR************************krmX
```

(I must confess that I don't understand this.)


----------
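
A `rootpw` value in the `{SSHA}` form is a salted SHA-1 verifier: base64 of SHA1(password + salt) followed by the salt. The following added example (not from the thread, OpenLDAP or phpLDAPadmin) checks offline whether a cleartext password matches such a value, which narrows down an `Invalid credentials (49)` reply; the function names, sample password and salt are constructed for illustration.

```python
import base64
import hashlib
import hmac
import os
from typing import Optional

SHA1_LEN = 20  # a SHA-1 digest is 20 bytes; everything after it is the salt


def make_ssha(password: str, salt: Optional[bytes] = None) -> str:
    """Build a {SSHA} value: base64(SHA1(password + salt) + salt)."""
    salt = os.urandom(8) if salt is None else salt
    digest = hashlib.sha1(password.encode("utf-8") + salt).digest()
    return "{SSHA}" + base64.b64encode(digest + salt).decode("ascii")


def check_ssha(password: str, stored: str) -> bool:
    """True if the cleartext password hashes to the stored {SSHA} value."""
    if not stored.upper().startswith("{SSHA}"):
        raise ValueError("not an {SSHA} value")
    raw = base64.b64decode(stored[6:], validate=True)
    if len(raw) <= SHA1_LEN:
        raise ValueError("too short to hold a digest and a salt")
    digest, salt = raw[:SHA1_LEN], raw[SHA1_LEN:]
    candidate = hashlib.sha1(password.encode("utf-8") + salt).digest()
    return hmac.compare_digest(candidate, digest)


# Constructed sample: the password and salt are made up for this example.
SAMPLE_PASSWORD = "constructed-example-password"
SAMPLE_ROOTPW = make_ssha(SAMPLE_PASSWORD, salt=b"\x01\x02\x03\x04\x05\x06\x07\x08")

if __name__ == "__main__":
    print(check_ssha(SAMPLE_PASSWORD, SAMPLE_ROOTPW))   # matching cleartext
    print(check_ssha("wrong-password", SAMPLE_ROOTPW))  # non-matching cleartext
    # The {SSHA} string is a verifier, not a password: used as one, it fails.
    print(check_ssha(SAMPLE_ROOTPW, SAMPLE_ROOTPW))
```
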



## rtwingfield (Jul 20, 2011)

*How to configure the LDAP server to reveal its root?*

RE:  The following *phpLDAPadmin* diagnostic message:

```
Could not determine the root of your LDAP tree.
It appears that the LDAP server has been configured to not reveal its root.
Please specify it in config.php
```

How or where is this specified in the /usr/local/www/phpldapadmin/config/config.php file?  I have specified this directive:

```
/* Array of base DNs of your LDAP server. Leave this blank to have phpLDAPadmin
   auto-detect it for you. */
   $servers->setValue('server','base',array('dc=archaxis,dc=net'));
```

. . .this indicates that there is a problem with PLA and the database.	

```
dc=archaxis,dc=net
			This base cannot be created with PLA.
```

Following a suggestion to create a new BASE database, I have created this tree.ldif file:   (seems simple enough)

```
dn: dc=archaxis,dc=net,dc=ph
o: Archaxis Network Services
ou: LDAP Server
objectclass: organization
objectclass: top
```
. . .but this command fails:
```
# slapadd -l ./tree.ldif
```

```
slapadd: line 1: database #1 (dc=archaxis,dc=net) not configured to hold "dc=archaxis,dc=net,dc=ph";
no database configured for that naming context
_#################### 100.00% eta   none elapsed            none fast!
Closing DB...
```

I found this URL, http://www.zytrax.com/books/ldap/ch8/, that contains this LDIF example:


```
## DEFINE DIT ROOT/BASE/SUFFIX ####
## uses RFC 2377 format
## replace example and com as necessary below
## or for experimentation leave as is

## dcObject is an AUXILLIARY objectclass and MUST
## have a STRUCTURAL objectclass (organization in this case)
# this is an ENTRY sequence and is preceded by a BLANK line

dn: dc=example,dc=com
dc: example
description: My wonderful company as much text as you want to place 
 in this line up to 32K continuation data for the line above must 
 have <CR> or <CR><LF> i.e. ENTER works 
 on both Windows and *nix system - new line MUST begin with ONE SPACE
objectClass: dcObject
objectClass: organization
o: Example, Inc.

## FIRST Level hierarchy - people 
## uses mixed upper and lower case for objectclass
# this is an ENTRY sequence and is preceded by a BLANK line

dn: ou=people, dc=example,dc=com
ou: people
description: All people in organisation
objectclass: organizationalunit

## SECOND Level hierarchy
## ADD a single entry under FIRST (people) level
# this is an ENTRY sequence and is preceded by a BLANK line
# the ou: Human Resources is the department name

dn: cn=Robert Smith,ou=people,dc=example,dc=com
objectclass: inetOrgPerson
cn: Robert Smith
cn: Robert J Smith
cn: bob  smith
sn: smith
uid: rjsmith
userpassword: rJsmitH
carlicense: HISCAR 123
homephone: 555-111-2222
mail: r.smith@example.com
mail: rsmith@example.com
mail: bob.smith@example.com
description: swell guy
ou: Human Resources
```

Executing the following command worked!  *phpLDAPadmin* does display a BASE tree and I think I can substitute, cut and paste from here. 
```
# slapadd -l ./tree.ldif
```

```
_#################### 100.00% eta   none elapsed            none fast!
Closing DB...
```

Apparently my first attempt at authoring an LDIF schema was a failure because I did not include any sub nodes or tree branches . . .in other words, I've still got a lot to learn. 

I've ordered a copy of Gerald Carter's book, LDAP Systems Administration . . .at least it will add some more weight to my bookshelf.


----------
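
The slapadd message quoted in the post above reports that database `dc=archaxis,dc=net` is not configured to hold `dc=archaxis,dc=net,dc=ph`. The following added example (not from the thread or from OpenLDAP) checks an LDIF file before loading: each DN must end with the configured suffix, and each entry must contain its own naming attribute. The function names and the simple comma split on DNs are assumptions of this sketch.

```python
def parse_ldif(text):
    """Return entries as lists of (attr, value); skips comments, unfolds lines."""
    lines = []
    for raw in text.splitlines():
        if raw.startswith(" ") and lines and lines[-1]:
            lines[-1] += raw[1:]          # folded line: one leading space
        elif not raw.startswith("#"):
            lines.append(raw.strip())
    entries, entry = [], []
    for line in lines + [""]:             # a blank line ends an entry
        if line:
            attr, _, value = line.partition(":")
            entry.append((attr.strip().lower(), value.strip().lower()))
        elif entry:
            entries.append(entry)
            entry = []
    return entries


def rdns(dn):
    """Split a DN into lower-cased (attr, value) pairs; assumes no escaped commas."""
    return [tuple(p.strip() for p in part.lower().split("=", 1)) for part in dn.split(",")]


def check_entries(text, suffix):
    """List (dn, problem) pairs: DN outside the suffix, or naming attribute absent."""
    base, problems = rdns(suffix), []
    for entry in parse_ldif(text):
        dn = next((v for a, v in entry if a == "dn"), None)
        if dn is None:
            continue                      # e.g. a "version: 1" header
        parts = rdns(dn)
        if parts[-len(base):] != base:
            problems.append((dn, "outside suffix"))
        if parts[0] not in entry:
            problems.append((dn, "naming attribute not in entry"))
    return problems


SUFFIX = "dc=archaxis,dc=net"
# FIRST_ATTEMPT is the tree.ldif from the thread; CORRECTED is constructed here.
FIRST_ATTEMPT = ("dn: dc=archaxis,dc=net,dc=ph\no: Archaxis Network Services\n"
                 "ou: LDAP Server\nobjectclass: organization\nobjectclass: top\n")
CORRECTED = ("dn: dc=archaxis,dc=net\ndc: archaxis\nobjectClass: dcObject\n"
             "objectClass: organization\no: Archaxis Network Services\n")

if __name__ == "__main__":
    print(check_entries(FIRST_ATTEMPT, SUFFIX))
    print(check_entries(CORRECTED, SUFFIX))
```
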

