> When I run the file in the CLI, I get a successful bind and connection to the ldap server - it works as expected.
>
> However, when I load the EXACT same code in a browser through apache, I get a "cannot bind" error. Here is some output I get, when I set "ldap_set_option(NULL, LDAP_OPT_DEBUG_LEVEL, 7);" in the code:
Could selinux be preventing apache from connecting out? Try disabling
selinux to test:
setenforce 0
and turn it back on after testing
setenforce 1
If turning off selinux makes it work, you may need to turn on the
selinux boolean httpd_can_network_connect:
setsebool -P httpd_can_network_connect 1
I'm no expert on LDAP, but "works interactively, fails under httpd"
has lead me in this direction before. Some other booleans may also be
involved; look at:
getsebool -a | grep http
- Bluejay Adametz, CFII, A&P, AA-5B N45210
I think part of a best friend's job should be to immediately
clear your computer history if you die. - Truths for Mature Humans
NOTICE: This message, including any attachments, is only for the use of
the intended recipient(s) and may contain confidential and privileged
information, or information otherwise protected from disclosure by law.
If the reader of this message is not the intended recipient, you are
hereby notified that any use, disclosure, copying, dissemination or
distribution of this message or any of its attachments is strictly
prohibited. If you received this message in error, please contact the
sender immediately by reply email and destroy this message, including all
attachments, and any copies thereof.
|