Noah

Reputation: 810

PHP on CentOS 7: LDAP could not bind to the server

I have the following code

    public function openConnection()
    {
        // With OpenLDAP, ldap_connect() only checks the parameters and allocates a handle;
        // the network connection is first attempted by ldap_bind() below.
        $this->ldapServerHandle = ldap_connect(ConfigH::getConfig()->ldap->host);

        $bindDN = ConfigH::getConfig()->ldap->serviceAccount->bindDN;

        if ($this->ldapServerHandle) {
            // Bind as the service account; returns false if the server is unreachable or rejects the credentials.
            $this->ldapBindHandle = ldap_bind(
                $this->ldapServerHandle,
                $bindDN,
                ConfigH::getConfig()->ldap->serviceAccount->password
            );
            if (!$this->ldapBindHandle) {
                $errorMsg = "LDAP::__construct(): Could not bind the service account ".$bindDN;
                LoggerH::emergency($errorMsg);
                throw new LDAPException($errorMsg);
            }
        } else {
            $errorMsg = "LDAP::__construct(): Could not connect to the LDAP server ".ConfigH::getConfig()->ldap->host;
            LoggerH::emergency($errorMsg);
            throw new LDAPException($errorMsg);
        }
    }

The issue

I have had this error causing me headaches since this morning:

    Warning: ldap_bind(): Unable to bind to server: Can't contact LDAP server [...]

Everything worked fine on Windows; when I executed the code on our CentOS production server, it stopped working.

What I have already checked

What I have already tried

Additional information

Upvotes: 2

Views: 727

Answers (1)

Noah

Reputation: 810

The solution

Who uses CentOS gets SELinux, yay.
After digging even deeper in Google (such as page 4 of results) and Stack Overflow, I found the issue to be caused by SELinux restricting httpd from communicating over some ports, including the LDAP one(s), despite the firewall being configured to allow it.

To allow httpd to communicate over these ports, run the following command:

    setsebool -P httpd_can_network_connect 1

(Original solution here (WhoIsRich's answer))

Upvotes: 2
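The boolean used in the answer lets httpd open outbound connections to any port. As an added example (not part of the original answer), the script below reads AVC denials and suggests the narrower `httpd_can_connect_ldap` boolean when only LDAP-labelled ports were denied; the audit lines and function names are constructed for illustration.

```shell
#!/bin/sh
# Added example: triage SELinux denials for outbound httpd connections.
# SAMPLE_AUDIT is constructed data in audit.log AVC format. On a real host,
# feed the functions /var/log/audit/audit.log or `ausearch -m avc --raw` output.
SAMPLE_AUDIT='type=AVC msg=audit(1500000000.101:411): avc:  denied  { name_connect } for  pid=2101 comm="httpd" dest=389 scontext=system_u:system_r:httpd_t:s0 tcontext=system_u:object_r:ldap_port_t:s0 tclass=tcp_socket
type=AVC msg=audit(1500000000.202:412): avc:  denied  { name_connect } for  pid=2101 comm="httpd" dest=636 scontext=system_u:system_r:httpd_t:s0 tcontext=system_u:object_r:ldap_port_t:s0 tclass=tcp_socket
type=AVC msg=audit(1500000000.303:413): avc:  denied  { read } for  pid=2200 comm="sshd" name="x" scontext=system_u:system_r:sshd_t:s0 tcontext=system_u:object_r:etc_t:s0 tclass=file'

# Print "port target_type" for each name_connect denial whose source domain is httpd_t.
httpd_connect_denials() {
    sed -n '/denied .*name_connect.*scontext=[^ ]*:httpd_t:/s/.* dest=\([0-9][0-9]*\) .* tcontext=[^:]*:[^:]*:\([^:]*\):.*/\1 \2/p' |
    sort -u
}

# Map the denied target types to the narrowest boolean that covers them.
# httpd_can_connect_ldap covers only ports labelled ldap_port_t; any other
# target type falls back to the broad httpd_can_network_connect.
suggest_boolean() {
    types=$(awk '{print $2}' | sort -u)
    case "$types" in
        '')          echo none ;;
        ldap_port_t) echo httpd_can_connect_ldap ;;
        *)           echo httpd_can_network_connect ;;
    esac
}

# Print the command to review and run; nothing is changed on the system here.
report() {
    b=$(printf '%s\n' "$1" | httpd_connect_denials | suggest_boolean)
    if [ "$b" = none ]; then
        echo "no httpd name_connect denials found"
    else
        echo "setsebool -P $b 1"
    fi
}

report "$SAMPLE_AUDIT"
```

If the LDAP server listens on a port that is not labelled `ldap_port_t`, the narrow boolean does not cover it and the script falls back to the broad one.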
