Thread:Extension talk:LDAP Authentication/Binding hangs for two minutes, then fails after server move, PHP upgrade

Ubuntu 14.04

MediaWiki: 1.22

PHP: 5.5.9

LdapAuthentication: 2.1.0 according to this line in LdapAuthentication.php: define( "LDAPAUTHVERSION", "2.1.0" );

Everything seemed to be working with identical versions of MediaWiki and LdapAuthentication on another server with a similar environment: CentOS 5.10

PHP: 5.4.29

I installed everything fresh on the new server, copied the LDAP config in LocalSettings.php.

Now, when anybody tries to log in, the browser sits waiting for data for about two minutes, then displays a bad password error. The log revels that binding to the proxy agent failed. I know the credentials are good because I use the same ones on the old server, which is still working.

Has anybody else had success using this plugin on PHP 5.5.x?

The LDAP log shows:

2014-06-20 19:00:50 my-server.com prog_wiki: 2.1.0 Entering validDomain 2014-06-20 19:00:50 my-server.com prog_wiki: 2.1.0 User is using a valid domain (mydomain). 2014-06-20 19:00:50 my-server.com prog_wiki: 2.1.0 Setting domain as: mydomain 2014-06-20 19:00:50 my-server.com prog_wiki: 2.1.0 Entering getCanonicalName 2014-06-20 19:00:50 my-server.com prog_wiki: 2.1.0 Username is: John-doe 2014-06-20 19:00:50 my-server.com prog_wiki: 2.1.0 Entering getDomain 2014-06-20 19:00:50 my-server.com prog_wiki: 2.1.0 Munged username: John-doe 2014-06-20 19:00:50 my-server.com prog_wiki: 2.1.0 Entering getCanonicalName 2014-06-20 19:00:50 my-server.com prog_wiki: 2.1.0 Username is an IP, not munging. 2014-06-20 19:00:50 my-server.com prog_wiki: 2.1.0 Entering getCanonicalName 2014-06-20 19:00:50 my-server.com prog_wiki: 2.1.0 Username is an IP, not munging. 2014-06-20 19:00:50 my-server.com prog_wiki: 2.1.0 Entering getDomain 2014-06-20 19:00:50 my-server.com prog_wiki: 2.1.0 Entering userExists 2014-06-20 19:00:50 my-server.com prog_wiki: 2.1.0 Entering getDomain 2014-06-20 19:00:50 my-server.com prog_wiki: 2.1.0 Entering getDomain 2014-06-20 19:00:50 my-server.com prog_wiki: 2.1.0 Entering authenticate for username John-doe 2014-06-20 19:00:50 my-server.com prog_wiki: 2.1.0 Entering getDomain 2014-06-20 19:00:50 my-server.com prog_wiki: 2.1.0 Entering getDomain 2014-06-20 19:00:50 my-server.com prog_wiki: 2.1.0 Entering getDomain 2014-06-20 19:00:50 my-server.com prog_wiki: 2.1.0 Entering Connect 2014-06-20 19:00:50 my-server.com prog_wiki: 2.1.0 Entering getDomain 2014-06-20 19:00:50 my-server.com prog_wiki: 2.1.0 Using TLS or not using encryption. 2014-06-20 19:00:50 my-server.com prog_wiki: 2.1.0 Entering getDomain 2014-06-20 19:00:50 my-server.com prog_wiki: 2.1.0 Entering getDomain 2014-06-20 19:00:50 my-server.com prog_wiki: 2.1.0 Using non-standard port: 389 2014-06-20 19:00:50 my-server.com prog_wiki: 2.1.0 Using servers: ldap://mydomain.com:389 2014-06-20 19:00:50 my-server.com prog_wiki: 2.1.0 Entering getDomain 2014-06-20 19:00:50 my-server.com prog_wiki: 2.1.0 PHP's LDAP connect method returned true (note, this does not imply it connected to the server). 2014-06-20 19:00:50 my-server.com prog_wiki: 2.1.0 Entering getSearchString 2014-06-20 19:00:50 my-server.com prog_wiki: 2.1.0 Entering getDomain 2014-06-20 19:00:50 my-server.com prog_wiki: 2.1.0 Entering getUserDN 2014-06-20 19:00:50 my-server.com prog_wiki: 2.1.0 Entering getDomain 2014-06-20 19:00:50 my-server.com prog_wiki: 2.1.0 Doing a proxy bind 2014-06-20 19:00:50 my-server.com prog_wiki: 2.1.0 Entering getDomain 2014-06-20 19:02:57 my-server.com prog_wiki: 2.1.0 Failed to bind as CN=Web LDAP Lookup,OU=Other,DC=mydomain,DC=com 2014-06-20 19:02:57 my-server.com prog_wiki: 2.1.0 Failed to bind 2014-06-20 19:02:57 my-server.com prog_wiki: 2.1.0 userdn is: 2014-06-20 19:02:57 my-server.com prog_wiki: 2.1.0 User DN is blank 2014-06-20 19:02:57 my-server.com prog_wiki: 2.1.0 Entering allowPasswordChange 2014-06-20 19:02:57 my-server.com prog_wiki: 2.1.0 Entering getDomain 2014-06-20 19:02:57 my-server.com prog_wiki: 2.1.0 Entering getDomain 2014-06-20 19:02:57 my-server.com prog_wiki: 2.1.0 Entering modifyUITemplate 2014-06-20 19:02:57 my-server.com prog_wiki: 2.1.0 Entering getDomain 2014-06-20 19:02:57 my-server.com prog_wiki: 2.1.0 Entering getDomain 2014-06-20 19:02:57 my-server.com prog_wiki: 2.1.0 Entering getDomain

The config used looks like this: require_once 'extensions/LdapAuthentication/LdapAuthentication.php'; $wgAuth = new LdapAuthenticationPlugin;
 * 1) LDAP

$wgLDAPDomainNames = array( 'mydomain' );

$wgLDAPServerNames = array( 'mydomain' => 'mydomain.com' );

$wgLDAPEncryptionType = array( 'mydomain' => 'clear' );

$wgLDAPPort = array( 'mydomain' => 389 );

$wgLDAPProxyAgent = array( 'mydomain' => 'CN=Web LDAP Lookup,OU=Other,DC=mydomain,DC=com' );

$wgLDAPProxyAgentPassword = array( 'mydomain' => 'apasswordthatisdifferentthanthisone' );

$wgLDAPUseLDAPGroups = array( 'mydomain' => true );

$wgLDAPGroupUseFullDN = array( "mydomain"=>true ); $wgLDAPGroupObjectclass = array( "mydomain"=>"group" ); $wgLDAPGroupAttribute = array( "mydomain"=>"member" ); $wgLDAPGroupSearchNestedGroups = array( "mydomain"=>true ); $wgLDAPGroupNameAttribute = array( "mydomain"=>"cn" ); $wgLDAPActiveDirectory = array( "mydomain"=>true );

$wgLDAPSearchAttributes = array( 'mydomain' => 'sAMAccountName' );

$wgLDAPBaseDNs = array( 'mydomain' => 'dc=mydomain,dn=com' );

$wgLDAPUserBaseDNs = array( 'mydomain' => 'ou=someunit,DC=mydomain,DC=com' );

$wgLDAPDebug = 3; $wgDebugLogGroups['ldap'] = '/tmp/debug.log';