• Your help text under the Directory Servers input states that LDAPS will ignore the port, but that is untrue. Your code strips off the port, which causes our LDAP searches to fail, and no one can log in if we use LDAPS. But if your code is modified starting at line 366 of wpDirAuth.php from this:

    if (strstr($dc, ':')) list($dc, $port) = explode(':', $dc);
    
            switch($enableSsl){
                case 1:
                    $connection = ldap_connect($protocol.$dc);
                    break;
                case 2:
                case 0:
                default:
                    if(isset($port)){
                        $connection = ldap_connect($dc,$port);
                    } else {
                        $connection = ldap_connect($dc);
                    }
                    break;
    
            }

    To this:

    if (strstr($dc, ':')) list($tlsDC, $port) = explode(':', $dc);
    
            switch($enableSsl){
                case 1:
                    $connection = ldap_connect($protocol.$dc);
                    break;
                case 2:
                case 0:
                default:
                    if(isset($port)){
                        $connection = ldap_connect($tlsDC,$port);
                    } else {
                        $connection = ldap_connect($dc);
                    }
                    break;
    
            }

    Then everything works fine for us. We use a non-standard port. After the modification the port is included when connecting and everything works fine.
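
An added example, not part of the original post and not wpDirAuth code: one way to turn a "host" or "host:port" entry into an LDAP URI so that the port survives in every mode. It goes slightly beyond the snippet above by validating the host and port. The function names are hypothetical, mode 2 is assumed to mean StartTLS, and the `example.org` entries are constructed.

```php
<?php
// Added example, not wpDirAuth code. Function names are hypothetical; modes
// mirror $enableSsl above (1 = ldaps://, 2 assumed StartTLS, else plain).

// Turn one "host" or "host:port" entry into an LDAP URI, keeping an explicit
// port for every mode. IPv6 literals are not handled.
function build_ldap_uri(string $entry, int $enableSsl): string
{
    $host = trim($entry);
    $port = null;
    $pos  = strrpos($host, ':');
    // Treat the text after the last colon as a port only if it is all digits.
    if ($pos !== false && ctype_digit(substr($host, $pos + 1))) {
        $port = (int) substr($host, $pos + 1);
        $host = substr($host, 0, $pos);
        if ($port < 1 || $port > 65535) {
            throw new InvalidArgumentException("Port out of range: $entry");
        }
    }
    // Accept only a bare hostname or IPv4 address, so a configured value
    // cannot carry its own scheme, path or a second host.
    if (!preg_match('/^[A-Za-z0-9]([A-Za-z0-9.-]*[A-Za-z0-9])?$/', $host)) {
        throw new InvalidArgumentException("Invalid host: $entry");
    }
    $scheme = ($enableSsl === 1) ? 'ldaps' : 'ldap';
    $port ??= ($enableSsl === 1) ? 636 : 389;
    return sprintf('%s://%s:%d', $scheme, $host, $port);
}

// Connect using the URI form and refuse to continue if StartTLS fails.
// Requires the PHP ldap extension; not called in the demo loop below.
function connect_directory(string $entry, int $enableSsl)
{
    $conn = ldap_connect(build_ldap_uri($entry, $enableSsl));
    if ($conn === false) {
        throw new RuntimeException("Cannot initialise LDAP for: $entry");
    }
    ldap_set_option($conn, LDAP_OPT_PROTOCOL_VERSION, 3);
    if ($enableSsl === 2 && !ldap_start_tls($conn)) {
        throw new RuntimeException('StartTLS failed; not binding in clear text');
    }
    return $conn;
}

// Constructed sample entries: [entry, $enableSsl mode].
$samples = [['dc1.example.org:1636', 1], ['dc1.example.org', 1], ['dc1.example.org:3389', 2]];
foreach ($samples as [$entry, $mode]) {
    echo build_ldap_uri($entry, $mode), PHP_EOL;
}
```

Passing a single URI to `ldap_connect()` also avoids the separate host and port arguments, a calling form that PHP 8.3 deprecates.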

Viewing 3 replies - 1 through 3 (of 3 total)
  • Thread Starter Jeff Sterup

    (@foomagoo)

    BTW all I did was change the $dc variable names on lines 366 and 376 to $tlsDC so that only the tls connection had the port stripped off.

    Thread Starter Jeff Sterup

    (@foomagoo)

    I saw in another thread that you might be interested in someone helping you to maintain this plugin. I have a few plugins in the repository that I’ve created and am currently maintaining. I could help out with this one if you’d like.

    Plugin Author Paul Gilzow

    (@gilzow)

    At some point there was a valid reason why you couldn’t use an alternate port with the ldaps: protocol, but to be honest I don’t remember specifically what it was. And that reason may very well no longer be valid.

    > I saw in another thread that you might be interested in someone helping you to maintain this plugin. I have a few plugins in the repository that I’ve created and am currently maintaining. I could help out with this one if you’d like.

    I could definitely use the assistance. My organization has moved away from ldap to shibboleth so my focus has been there. Send me an email and I’ll get you set up to assist.


The topic ‘LDAPS Port’ is closed to new replies.