FogBugz Technical Support

A forum for technical support discussion related to Fogbugz.
The current FogBugz Knowledge Base can be found at http://help.fogcreek.com/fogbugz.

Posts by Fog Creek Employees are marked:

Documentation
Release Notes
Network Status

Can Fogbugz for Unix 5.0.19 use LDAP with a Linux LDAP server?

I'm trying to get LDAP authentication working with FfU 5.0.19 but am getting the following error:

 File:       /var/www/internal/fogbugz-5.0.19/Website/CPersonList.php
Line:     223
Error:     ldap_bind() [<a href='function.ldap-bind'>function.ldap-bind</a>]: Unable to bind to server: Invalid DN syntax
Browser:     Mozilla/5.0 (Macintosh; U; Intel Mac OS X; en-US; rv:1.8.1) Gecko/20061010 Firefox/2.0
Number:     0x2
QueryString:     pre=preSetupLDAP
URL:     /fogbugz/default.php?pre=preSetupLDAP
Content Type:     application/x-www-form-urlencoded
Content Length:     106
Time:     2006-12-20 16:33:32
pre:     preSetupLDAP
ixPerson:     2
pgBack:     pgMainMenu
persontimestamp:     2006-12-20 16:33:27
sPerson:     mylogin
sPassword:     mypassword
OK:     OK

Just wondering if connecting to a Linux LDAP server is supported?

My config in the Site configuration page:
Enter the name of your LDAP server: localhost
Enter your domain: <blank>

My LDAP server seems to be working otherwise...
Fred Send private email
Wednesday, December 20, 2006
 
 
Have you taken a peek at the ldap_bind function?

If you can figure out what needs to be passed there for your server, I can probably help:
http://us3.php.net/ldap_bind

(As a side note, I know this does work with PHP->Windows LDAP servers)
Michael H. Pryor Send private email
Wednesday, December 20, 2006
 
 
OK! Check this... So I had to change the code in the if ( $ds ) clause at line 219. I've marked new/changed lines with * below:

{
*$base_dn = 'dc=mydomain,dc=com';
*$full_dn = "uid=$sdomainuser,ou=People," . $base_dn;
            
ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3); // case 247065
ldap_set_option($ds, LDAP_OPT_REFERRALS, 0);
*$br = ldap_bind($ds, $full_dn, $spassword);
if ( $br )
{
*$sr = ldap_search($ds, $base_dn, "(&(objectClass=person)(uid=" . $suser . "))", array("cn","mail","homePhone"));
$info = ldap_get_entries($ds, $sr);
if ($info["count"] < 1)
return false;
*$sldapname = $info[0]["cn"][0];
*$sldapemail = $info[0]["mail"][0];
*$sldapphone = $info[0]["homephone"][0];
ldap_unbind($ds);
}
else
return false;
}

and everything is working perfectly!

It appears that the exact arguments you have to pass into ldap_bind and ldap_search are highly dependent on how the LDAP server is set up. Obviously for Windows LDAP servers they are probably all set up the same way, but for Linux LDAP servers it's going to be up to the sysadmin since it's all set up manually.

In particular I had to pass in a different Distinguished Name to ldap_bind, a Base DN to ldap_search, and a different filter to ldap_search.

I'm not sure how you would want to support this... Well, I hope you do support it. For now I'll live with a hacked CPersonList.php file!

Thanks Michael.
Fred Send private email
Saturday, December 23, 2006
 
 
Hey Fred, thanks for the guide on how you got it to work with Linux LDAP!  Other customers have asked how to get this working, and I haven't been able to help them because I didn't have a Linux LDAP server to test with.  Now I'll point them here to get them started.
Eric Nehrlich Send private email
Friday, December 29, 2006
 
 
No problem!
Fred Send private email
Tuesday, January 2, 2007
 
 

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics
 
Powered by FogBugz Bug Tracking and Evidence-Based Scheduling.