Error: Can't contact LDAP server (-1) for user when using openldap #29

Closed
Karel-van-de-Plassche opened this issue Apr 7, 2017 · 5 comments

@Karel-van-de-Plassche

Using the following docker-compose file, I cannot log in on the phpLDAPadmin page:

#SNIPPED
  ldap-service:
    image: osixia/openldap:1.1.8
    hostname: ldap-service
  phpldapadmin-service:
    image: osixia/phpldapadmin:0.6.12
    hostname: phpldapadmin-service
    environment:
      - PHPLDAPADMIN_HTTPS="false"
      - PHPLDAPADMIN_LDAP_HOSTS="ldap-host"
    links:
      - ldap-service:ldap-host
    ports:
      - "80:80"

Gives errors:

error	Unable to connect to LDAP server "ldap-host"
Error: Can't contact LDAP server (-1) for user
error	Failed to Authenticate to server
Invalid Username or Password.

When I log into phpldapadmin-service using

sudo docker exec -t -i gkdbdocker_phpldapadmin-service_1 /bin/bash

and install ldap-utils, I can connect to the ldap-host correctly:

root@phpldapadmin-service:/# ldapsearch -x -H ldap://ldap-host -b dc=example,dc=org -D "cn=admin,dc=example,dc=org" -w admin
# extended LDIF
#
# LDAPv3
# base <dc=example,dc=org> with scope subtree
# filter: (objectclass=*)
# requesting: ALL
#

# example.org
dn: dc=example,dc=org
objectClass: top
objectClass: dcObject
objectClass: organization
o: Example Inc.
dc: example

# admin, example.org
dn: cn=admin,dc=example,dc=org
objectClass: simpleSecurityObject
objectClass: organizationalRole
cn: admin
description: LDAP administrator
userPassword:: e1NTSEF9Z1g0TWRYdE9ocVlhbWtuRENwQmJxdDRqeTFKeWg3Ylg=

# search result
search: 2
result: 0 Success

# numResponses: 3
# numEntries: 2

Also, starting the containers using docker run works correctly:

docker run --name ldap-service --hostname ldap-service --detach osixia/openldap:1.1.8
docker run -p 80:80 --name phpldapadmin-service --hostname phpldapadmin-service --link ldap-service:ldap-host --env PHPLDAPADMIN_HTTPS=false --env PHPLDAPADMIN_LDAP_HOSTS=ldap-host --detach osixia/phpldapadmin:0.6.12
@robinzimmermann

robinzimmermann commented Apr 11, 2017

@Karel-van-de-Plassche, I got it working with the following docker-compose file. Note that it doesn't use Docker links, since they are superseded by networks.

version: '2'

services:

  ldap-host:
    image: osixia/openldap:1.1.8
    networks:
      mynet:
    environment:
      - LDAP_ORGANISATION="My Company"
      - LDAP_DOMAIN=my-company.com
      - LDAP_ADMIN_PASSWORD=admin

  ldap-admin:
    image: osixia/phpldapadmin:0.6.12
    networks:
      mynet:
    ports:
      - "6080:80"
    environment:
      - PHPLDAPADMIN_LDAP_HOSTS=ldap-host
      - PHPLDAPADMIN_HTTPS=false

networks:
  mynet:
    driver: bridge
    ipam:
      config:
        - subnet: 172.31.0.0/16
          gateway: 172.31.0.1

@Karel-van-de-Plassche
Author

Thanks for this workaround. In the end, I worked around it by creating my own image. Somehow then it works with the default docker-compose network.

@SemaLuna

For all those poor souls that end up here alongside myself - the issue in this case (or at least what it was for me) was that you should NOT use quotation marks when defining the ENV variable PHPLDAPADMIN_LDAP_HOSTS.

Example (from first compose file snippet):

  • PHPLDAPADMIN_LDAP_HOSTS="ldap-host"
    should be
  • PHPLDAPADMIN_LDAP_HOSTS=ldap-host
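
The quoting pitfall from the comment above, as an added example that is not part of the original thread: in list-form `environment:` entries, Compose splits each item at the first `=` and passes the remainder verbatim, so the quotes become part of the value the container receives. The script below flags such entries; the sample file is constructed from the first post, and `EXAMPLE_UNQUOTED` is a made-up control entry.

```shell
#!/bin/sh
# Added example: lint a Compose file for list-form environment entries
# ("- KEY=value") whose value is wrapped in quotes. Line-based check, not a
# YAML parser; items quoted as a whole (- "KEY=value") are not flagged,
# because YAML strips those outer quotes before Compose sees the string.

# Prints LINE:KEY:VALUE for each flagged entry, with VALUE shown exactly as
# the container would receive it (quotes included).
find_quoted_env() {
    awk '
        /^[ \t]*-[ \t]*[A-Za-z_][A-Za-z0-9_]*=/ {
            item = $0
            sub(/^[ \t]*-[ \t]*/, "", item)   # drop the list marker
            sub(/[ \t]+$/, "", item)          # drop trailing whitespace
            eq  = index(item, "=")            # split at the first "="
            key = substr(item, 1, eq - 1)
            val = substr(item, eq + 1)
            first = substr(val, 1, 1)
            last  = substr(val, length(val), 1)
            # \047 is the octal escape for a single quote
            if (length(val) >= 2 && first == last &&
                (first == "\"" || first == "\047"))
                printf "%d:%s:%s\n", NR, key, val
        }
    ' "$1"
}

# Constructed sample based on the compose snippet in the first post.
write_sample() {
    cat > "$1" <<'EOF'
services:
  ldap-service:
    image: osixia/openldap:1.1.8
  phpldapadmin-service:
    image: osixia/phpldapadmin:0.6.12
    environment:
      - PHPLDAPADMIN_HTTPS="false"
      - PHPLDAPADMIN_LDAP_HOSTS="ldap-host"
      - EXAMPLE_UNQUOTED=ldap-host
    ports:
      - "80:80"
EOF
}

sample=$(mktemp)
write_sample "$sample"
find_quoted_env "$sample"
rm -f "$sample"
```

The same values passed with `docker run --env KEY="value"` arrive without quotes because the shell removes them before Docker sees the argument, which matches the working `docker run` commands in the first post.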

@msca79

msca79 commented Jan 21, 2020

In my case it was the host computer's firewall. The two Docker containers (openldap and phpldapadmin) can ping each other, but cannot see any other port. Turning off the firewall solved this problem. (Better is to configure the firewall.)

@proxyflux

proxyflux commented Oct 4, 2024

Setting up a new network resolved the issue for me. It doesn’t require a subnet or a gateway.

The problem arose because the default network created doesn’t have dns_enabled. As a result, when we only set PHPLDAPADMIN_LDAP_HOSTS=ldap-host, it couldn’t resolve the host name. In contrast, any newly created network has dns_enabled enabled by default, allowing it to successfully resolve the LDAP host name.
