Hi every one,

I'm trying to setup AuthLDAP module, but every time login look to success I have this error :
500 : Internal server error - ldap count_entries(): Argument #2 ($result) must be of type LDAP\Result, false given

My installation is a docker one (acspri/limesurvey) on the last limesurvey version.
My AuthLDAP setup is :

LDAP server: 
ldap://ad.local
Port number: 
389
LDAP version: 
LDAPv3
Enable Start-TLS: 
False
Select how to perform authentication.: 
Bind
Attribute to compare to the given login can be uid, cn, mail, ..: 
mail
Base DN for the user search operation. Multiple bases may be separated by a semicolon (: 
CN=LIMESURVEY,CN=APPLICATIONS,CN=GROUPES,CN=SUBLOCAL,DC=DOMAINE,DC=fr
Optional extra LDAP filter to be ANDed to the basic (searchuserattribute=username) filter. Don't forget the outmost enclosing parentheses: 
None
LDAP attribute of email address
None
LDAP attribute of full name
None
Check to make default authentication method: 
Yes
Automatically create user if it exists in LDAP server: 
Yes
Grant survey creation permission to automatically created users: 
Yes
Optional base DN for group restriction: 
None
Optional filter for group restriction: 
None
Allow initial user to login via LDAP: 
Yes

Our ActiveDirectory server is a Samba4 one LDAP Auth works on other web apps.
Any idear ?

Regards

> 500 : Internal server error - ldap count_entries(): Argument #2 ($result) must be of type LDAP\Result, false given

Then connection are not done … but you don't have error

Can you activate debug mode manual.limesurvey.org/Debug_mode

PS : you can report an issue about error not managed : community.limesurvey.org/bug-tracker/

If connection are not done: we must try to show error and don't go to ldap_count_entries

Hi,

Thank's for your answer, here the result in debug mode:

PHP warning
ldap_search(): Search: No such object

/var/www/html/application/core/plugins/AuthLDAP/AuthLDAP.php(524)

512                 ldap_close($ldapconn); // all done? close connection
513                 return;
514             }
515             // Now prepare the search fitler
516             if ($extrauserfilter != "") {
517                 $usersearchfilter = "(&$searchuserattribute=$username)$extrauserfilter)";
518             } else {
519                 $usersearchfilter = "($searchuserattribute=$username)";
520             }
521             // Search for the user
522             $userentry = false;
523             foreach (explode(";", $usersearchbase) as $usb) {
524                 $dnsearchres = ldap_search($ldapconn, $usb, $usersearchfilter, array($searchuserattribute));
525                 $rescount = ldap_count_entries($ldapconn, $dnsearchres);
526                 if ($rescount == 1) {
527                     $userentry = ldap_get_entries($ldapconn, $dnsearchres);
528                     $userdn = $userentry[0]["dn"];
529                 }
530             }
531             if (!$userentry) {
532                 // if no entry or more than one entry returned
533                 // then deny authentication
534                 $this->setAuthFailure(self::ERROR_USERNAME_INVALID);
535                 ldap_close($ldapconn); // all done? close connection
536                 return;
Stack Trace
#0    
–  /var/www/html/application/core/plugins/AuthLDAP/AuthLDAP.php(524): ldap_search(LDAP\Connection, "CN=LIMESURVEY,CN=APPLICATIONS,CN=GROUPES,CN=SUBLOCAL,DC=DOMAINE,DC=fr", "(sAMAccountName=formation01)", array("sAMAccountName"))
519                 $usersearchfilter = "($searchuserattribute=$username)";
520             }
521             // Search for the user
522             $userentry = false;
523             foreach (explode(";", $usersearchbase) as $usb) {
524                 $dnsearchres = ldap_search($ldapconn, $usb, $usersearchfilter, array($searchuserattribute));
525                 $rescount = ldap_count_entries($ldapconn, $dnsearchres);
526                 if ($rescount == 1) {
527                     $userentry = ldap_get_entries($ldapconn, $dnsearchres);
528                     $userdn = $userentry[0]["dn"];
529                 }
#1    
 unknown(0): AuthLDAP->newUserSession()
#2    
–  /var/www/html/application/libraries/PluginManager/PluginManager.php(269): call_user_func(array(AuthLDAP, "newUserSession"))
264                 if (
265                     !$event->isStopped()
266                     && (empty($target) || in_array(get_class($subscription[0]), $target))
267                 ) {
268                     $subscription[0]->setEvent($event);
269                     call_user_func($subscription);
270                 }
271             }
272         }
273
274         return $event;
#3    
–  /var/www/html/application/core/LSUserIdentity.php(72): LimeSurvey\PluginManager\PluginManager->dispatchEvent(LimeSurvey\PluginManager\PluginEvent)
67                 $result->setError(self::ERROR_UNKNOWN_HANDLER);
68             } else {
69                 // Delegate actual authentication to plugin
70                 $authEvent = new PluginEvent('newUserSession', $this); // TODO: rename the plugin function authenticate()
71                 $authEvent->set('identity', $this);
72                 App()->getPluginManager()->dispatchEvent($authEvent);
73                 $pluginResult = $authEvent->get('result');
74                 if ($pluginResult instanceof LSAuthResult) {
75                     $result = $pluginResult;
76                 } else {
77                     $result->setError(self::ERROR_UNKNOWN_IDENTITY);

I check php ldap module is enbable on the docker.

Goit it : github.com/LimeSurvey/LimeSurvey/blob/aa...AP/AuthLDAP.php#L267

Your ldap_search return false, connection is OK .
Maybe need to fill  LDAP attribute of full name and  LDAP attribute of email address : if yes : we must set as mandatory on Plugin.

Hi again,

Nothing change when I setup : LDAP attribute of email address and LDAP attribute of full name

Thanks for your help

No idea