Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

In this Discussion

osTicket v1.10 (stable) and Maintenance Release v1.9.15 are now available! Go get it now

LDAP plug in stopped working mysteriously

I am running OSTicket v1.10.1 and using v0.6.3 of the LDAP plugin.  All of a sudden (I believe on 1/5/2018) the LDAP authentication stopped working.  Only local logins would allow anyone in.  The error showing in /var/log/httpd/error_log is: 

[Mon Jan 08 10:21:15.922957 2018] [:error] [pid 11541] [client 192.168.105.216:49162] PHP Fatal error:  Call to a member function rootDse() on a non-object in phar:///var/www/html/include/plugins/auth-ldap.phar/authentication.php on line 259, referer: http://osticket.chem.byu.edu/scp/login.php

We haven't made any changes to the configuration from when it was working before.  No updates have been applied to the server since it was working either.  I'm not sure how to get at authentication.php though.  All that is in the plugins folder is an auth-ldap.phar file, not a directory.  If you guys need any info that I haven't provided just let me know, and I am happy to get that.  hanks in advance.
Tagged:

Comments

  • Version of PHP?
    Have you tried re-saving the password in the plugin?
  • We're using PHP v.5.4.16 on RHEL 7.4.

    I have tried putting the settings back in and saving, but I got the same error that it couldn't connect to the LDAP server(s).  I also removed and reinstalled the plug-in to no avail.
  • Hmm. I'm not sure why its not working for you suddenly.  But here are a couples ideas:

    1. I would recommend that you update PHP to 5.6.

    2. Pretty sure that rootDse() is part of Pears Net_LDAP2.
    You could try to upgrade the version of net_LDAP2 that comes with the Authentication::LDAP and AD plugin  to a newer version.

    You can download it here:

    It's in the phar
    /include/plugins/auth-ldap/include/Net
    So you would have to unphar the file and copy the files over the old ones.

    You do not need to rephar it afterwards if you dont want to.  I run it unpharred personally.
  • How do I need to unphar it so OSTicket recognizes the plugin is there?  I extracted it into a folder called auth-ldap, but when I click on Add New Plugin, and then the install button for the LDAP plugin, the page refreshes and nothing has been installed.
  • That sounds like what I did.  my folder is named: auth-ldap
  • After struggling with our OSTicket installation until I wanted to blow it up, I finally tried rebuilding it from scratch in a separate VM.  On our previous installation, I had already tried all of the changes you suggested and wasn't sure what else to try.  I imported the database from the old instance, then installed the LDAP plugin, configured it, and enabled it.  It said it was able to connect to the LDAP server OK when I saved the settings, but when I tried to log in with a user from LDAP, I get an HTTP 500 error.  The error_log shows the same error as I reported in my original post.

    In the new build I am running RHEL 7.4, OSTicket v1.10.1, v0.6.3 of the LDAP plugin, Apache 2.4.6, and PHP 5.6.32.
  • The reason it's throwing 'Call to a member function rootDse() on a non-object' is because there is no `$connection` object to call `rootDse()` on...the `$connection` object is what holds the connection to the LDAP server...so it seems it can't make a connection (for whatever reason) and therefore can't proceed. Are you sure all the ports are open and the LDAP server has not changed at all in any way? Also have you checked the LDAP server's error logs?
  • edited January 18
    @KevinTheJedi: Both servers are on the same subnet of a local network.  No firewall between them.  I understand function lacks a connection object to call the method on.  The problem is not knowing why.  It worked one day and didn't the next as far as I can tell.  Other systems are able to use the LDAP server for authentication without a problem.


  • You need to check for errors then. There's no way the plugin just stops working one day by itself as it's the same code. So, it has to be a credentials issue or some kind of server configuration issue. Cheers.
  • The problem I'm running into is that if other systems can use the LDAP for authentication, that points to the problem being with OSTicket.  However, I set up a new server from scratch and had it work for a bit but then started getting HTTP 500 errors which I didn't get on the original OSTicket server because it couldn't even communicate with the LDAP.   I have verified that the credentials being used are valid.  The configuration is being accepted by OSTicket as working when input into the page and is the same configuration that worked before.

    If I clear the cache in Chrome/firefox and do a hard reload, logging in doesn't give the HTTP 500, I just get a white page with nothing on it.  It isn't loading, just sitting there doing nothing as far as I can tell.  That only works once though.  Try again without clearing the cache and I'm back to the HTTP 500 error.
  • " is that if other systems"
    Are other systems hosted on the same web server?  If not... 

    It sounds to me like there is a antivirus/firewall/endpoint protection on the ldap server thats blocking the connections.

    "
    I just get a white page "
    Then there should be a PHP error in your error logs.  Take a peek and see what it says.

  • "Are other systems hosted on the same web server?  If not... "
    They are not on the same server.  There is no firewall in the way as stated earlier, and antivirus or endpoint protection is not an issue.  The only error showing up is the one I mentioned from the very beginning.  However, there is a warning I don't recall seeing before:
    PHP Warning:  Invalid argument supplied for foreach() in /var/www/html/include/plugins/auth-ldap/authentication.php on line 152, referer: http://osticket.chem.byu.edu/scp/login.php


  • "There is no firewall in the way as stated earlier,"
    You have said that a couple times, but its walking like a duck and quaking like a duck.

    So since the code hasn't changed and was working, and now suddenly it isn't working points to a system change or server changes or network change or account permission changes as the culprit.
Sign In or Register to comment.