Welcome to the LimeSurvey Community Forum

Ask the community, share ideas, and connect with other LimeSurvey users!

Search by Keyword

Search by User Name

Exact Name

Find Posts from

Sort Results by

Search at a specific date

Jump to Result Number

Search in Categories Also search in sub-categories

Search Results (Searched for: ldap)

DenisChenu

16 Oct 2025 09:20

Replied by DenisChenu on topic LDAPS connection issue from LimeSurvey (IIS + Windows Server + AD setup)

Oups,
Seems ldap_helper is used for ldap import

Here : github.com/LimeSurvey/LimeSurvey/blob/42...AP/AuthLDAP.php#L327

Out here : github.com/LimeSurvey/LimeSurvey/blob/42...AP/AuthLDAP.php#L346 ?

sena0112

16 Oct 2025 04:14 - 16 Oct 2025 04:15

Replied by sena0112 on topic LDAPS connection issue from LimeSurvey (IIS + Windows Server + AD setup)

Hi Denis, thanks for the reply.

I’ve the latest version with the PR applied (github.com/LimeSurvey/LimeSurvey/pull/4217), and I confirmed that my ldap_helper.php matches the updated code. My LDAP plugin config is also correct: use_start_tls = false, LDAPv3, port 636 for LDAPS, proper bind DN and password.

Despite this, I still can’t login via LDAPS—connections to port 636 work from the server (IIS) using PHP test scripts, and normal LDAP (389) works.

Could anyone advise on further steps to debug or confirm LDAPS is fully functional in LimeSurvey?

Thanks in advance.

DenisChenu

15 Oct 2025 11:15

Replied by DenisChenu on topic LDAPS connection issue from LimeSurvey (IIS + Windows Server + AD setup)

Strange
github.com/LimeSurvey/LimeSurvey/pull/4217
fix such issue.

sena0112

15 Oct 2025 10:42 - 15 Oct 2025 10:48

LDAPS connection issue from LimeSurvey (IIS + Windows Server + AD setup) was created by sena0112

Please help us help you and fill where relevant:
Your LimeSurvey version: 6.15.15
Own server or LimeSurvey hosting: Own Server
Survey theme/template: Default
==================
I’ve set up LimeSurvey on IIS in an air-gapped Windows Server 2022 environment with Active Directory and MySQL. LDAP (port 389) authentication works fine, but switching to LDAPS (636) fails with the error “Can’t contact LDAP server.”
What I’ve done so far:

Environment:
- VM1 – Domain Controller (dc01.survey.local) with CA installed
- VM2 – IIS + LimeSurvey
- VM3 – MySQL
- VM4 – Client for testing
Verified LDAPS from VM1:
- ldp.exe connects successfully to dc01.survey.local:636
- PowerShell test with [System.DirectoryServices.Protocols.LdapConnection] works
- PHP test (openssl + ldap_connect) still fails with "Can't connect to LDAP server"
Certificates:
- DC has a cert issued by the internal CA using the Domain Controller template
- Subject is empty but SAN includes dc01.survey.local, survey.local, and SURVEY
- Verified with certutil that the CA cert is trusted on the IIS server
- openssl_x509_parse() returns the parsed array successfully
LimeSurvey config:
- LDAP server: ldaps://192.168.163.129
- Port: 636
- LDAP version: 3
- StartTLS: off (tested both on/off)
- Referrals: off
- Bind DN: CN=Administrator,CN=Users,DC=survey,DC=local
- Base DN:CN=Users,DC=survey,DC=local
- Attribute: sAMAccountName

All LDAPS tests from OS level succeed, but LimeSurvey cannot connect, returning “Can’t contact LDAP server.”

Has anyone successfully configured LDAPS for LimeSurvey on IIS/Windows Server with AD?

Mazi

10 Oct 2025 12:33 - 10 Oct 2025 12:34

Replied by Mazi on topic LDAP authorization

Thanks a lot for sharing your solution!

We have also included the mentioned fix at our plugin variation. If you are interested in an advanced version of the LDAP plugin which supports an automatic update of user full name and email address at every login, check this free Auth LDAP LimeSurvey Plugin:
survey-consulting.com/product/extended-a...p-limesurvey-plugin/

Mazi

10 Oct 2025 12:30

Replied by Mazi on topic LDAP Authenticated Bind

If you are interested in an advanced version of the LDAP plugin which supports an automatic update of user full name and email address at every login, check this free Auth LDAP LimeSurvey Plugin:
survey-consulting.com/product/extended-a...p-limesurvey-plugin/

DenisChenu

18 Sep 2025 16:02 - 18 Sep 2025 16:03

Replied by DenisChenu on topic Récupérer une valeur depuis $_SESSION dans une question

OK !

Dans ce cas : je fais de l'authentification par participant et donc rempli les attributs

gitlab.com/SondagesPro/TokenManagement/LdapTokenAuthenticate
gitlab.com/SondagesPro/TokenManagement/W...verTokenAuthenticate

Sinon, sans passer par les token : github.com/LimeSurvey/LimeSurvey/blob/e4...ger_helper.php#L4651 tenter de remplir la session

Code:

$_SESSION['survey_1234']['startingValues']['1234X123X123'] = 'value'

DenisChenu

08 Sep 2025 09:01

Replied by DenisChenu on topic Skipping login page

With IIS + AD : you can use LDAP login www.limesurvey.org/manual/Authentication_plugins#LDAP

Else : you have some existing plugins
github.com/univlorraine/limesurvey-cas
github.com/atlet/LimeSurvey-ShibbolethAuth
github.com/BDSU/limesurvey-oauth2

stefanosts

23 May 2025 14:52

Replied by stefanosts on topic AuthLDAP with Active Directory not working

What is the proper way to enable debug mode and full logging for LDAP? I only managed to enable debug mode but I could not find any way to check any actuals logs. Neither specific to LDAP nor generic.

I appreciate any help

Thanks

DenisChenu

21 May 2025 08:38

Replied by DenisChenu on topic AuthLDAP with Active Directory not working

stefanosts wrote:
anybody had any luck in using AuthLDAP with Active Directory?

I have it… and no issue.

No idea here.

stefanosts

20 May 2025 19:27 - 20 May 2025 19:27

Replied by stefanosts on topic AuthLDAP with Active Directory not working

anybody had any luck in using AuthLDAP with Active Directory?

DenisChenu

02 May 2025 18:05

Replied by DenisChenu on topic Comment mettre une authentifi SSO en front pour accèder à un questionnaire ?

gitlab.com/SondagesPro/TokenManagement/LdapTokenAuthenticate
gitlab.com/SondagesPro/TokenManagement/W...verTokenAuthenticate
gitlab.com/SondagesPro/TokenManagement/OrcidAuthenticate

For LDAP with LimeSurvey 6 ! Take this one gitlab.com/SondagesPro/TokenManagement/L...ested?ref_type=heads and report issue if it work or not.

Leroy75

02 May 2025 15:40

Comment mettre une authentifi SSO en front pour accèder à un questionnaire ? was created by Leroy75

Please help us help you and fill where relevant:
LimeSurvey version: [see right hand bottom of your LimeSurvey admin screen]
Own server or LimeSurvey Cloud:
Survey theme/template:
==================
(Write here your question/remark)Please help us help you and fill where relevant:
LimeSurvey version: [6.13.1]
Own server : hébergé sur notre serveur : u-paris.fr
Survey theme/template: Bootswatch
==================
Bonjour,
Nous sommes une université et cherchons à mettre en place une authentification SSO pour accéder en front à un questionnaire.
Nous souhaiterions injectés des données prérempli dans un questionnaire et que les données rattachées à l'utilisateur (connecté en SSO) s'affichent dans sa session.
L'utilisateur doit pouvoir ensuite modifier ces informations et valider le questionnaire.

Est-ce possible de faire cela avec LimeSurvey ?
Nous avons un annuaire LDAP.

Cordialement

stefanosts

30 Apr 2025 17:11 - 02 May 2025 11:08

Replied by stefanosts on topic AuthLDAP with Active Directory not working

Hi,

The script I used for testing the ldap connection from the same server limesurvey is installed to the actual LDAP server is this:

Code:

<?php
$ldap_host = "ldap://ldap.server.IP.address";
$ldap_port = 389;
$bind_dn   = "CN=bind_user,OU=User Account,DC=domain,DC=com";
$bind_pwd  = "bind_user_password";
$base_dn   = "ou=actual ou,dc=domain,dc=com";
$username  = "username of actual user on AD";        // sAMAccountName of a real AD user
 
$filter = "(&amp;;(objectClass=user)(sAMAccountName=$username))";
 
$ds = ldap_connect($ldap_host, $ldap_port);
ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
ldap_set_option($ds, LDAP_OPT_REFERRALS, 0);
 
if (!$ds) {
    die("Could not connect to LDAP server");
}
 
echo "Connected to LDAP<br>";
 
if (!ldap_bind($ds, $bind_dn, $bind_pwd)) {
    die("LDAP bind failed<br>");
}
 
echo "Bind successful<br>";
 
$search = ldap_search($ds, $base_dn, $filter);
$entries = ldap_get_entries($ds, $search);
 
if ($entries["count"] == 0) {
    die("User not found in LDAP<br>");
}
 
$user_dn = $entries[0]["dn"];
 
echo "Found user: $user_dn<br>";
 
// Now try binding as the actual user
$user_password = "password_for_test_user"; // AD password
if (@ldap_bind($ds, $user_dn, $user_password)) {
    echo "<strong>LDAP login successful for user $username</strong>";
} else {
    echo "<strong>LDAP login failed for user $username</strong>";
}
?>

Using the above script, both the bind and search as well as the login test worked successfully.

Activating debug and testing just shows the following, I do not see any LDAP activity in it:

Code:

system.db.CDbCommand.query(SHOW FULL COLUMNS FROM lime_surveys)    1    0.00288    0.00288    0.00288    0.00288
system.db.CDbCommand.query(SHOW FULL COLUMNS FROM lime_plugins)    1    0.00106    0.00106    0.00106    0.00106
system.db.CDbCommand.query(SHOW FULL COLUMNS FROM lime_plugin_settings)    1    0.00100    0.00100    0.00100    0.00100
system.db.CDbCommand.query(SHOW FULL COLUMNS FROM lime_settings_global)    1    0.00098    0.00098    0.00098    0.00098
system.db.CDbCommand.query(SHOW FULL COLUMNS FROM lime_asset_version)    1    0.00094    0.00094    0.00094    0.00094
system.db.CDbCommand.query(SHOW CREATE TABLE lime_surveys)    1    0.00064    0.00064    0.00064    0.00064
system.db.CDbCommand.query(SHOW CREATE TABLE lime_plugins)    1    0.00049    0.00049    0.00049    0.00049
system.db.CDbCommand.query(SELECT * FROM lime_asset_version t WHERE path = :path LIMIT 1. Bound with :path='/var/www/html/limesurvey/application/extensions/yiiwheels/widgets/select2/assets')    1    0.00046    0.00046    0.00046    0.00046
system.db.CDbCommand.query(SELECT t1.message AS message, t2.translation AS translation FROM lime_source_message t1, lime_message t2 WHERE t1.id=t2.id AND t1.category=:category AND t2.language=:language. Bound with :category='', :language='en')    1    0.00045    0.00045    0.00045    0.00045
system.db.CDbCommand.query(SELECT * FROM lime_plugins t WHERE t.active=:yp0 ORDER BY priority DESC. Bound with :yp0=1)    1    0.00045    0.00045    0.00045    0.00045
system.db.CDbCommand.query(SELECT * FROM lime_settings_global t WHERE stg_name=:name LIMIT 1. Bound with :name='DBVersion')    1    0.00044    0.00044    0.00044    0.00044
system.db.CDbCommand.query(SHOW CREATE TABLE lime_asset_version)    1    0.00044    0.00044    0.00044    0.00044
system.db.CDbCommand.query(SHOW CREATE TABLE lime_plugin_settings)    1    0.00042    0.00042    0.00042    0.00042
system.db.CDbCommand.query(SELECT * FROM lime_asset_version t WHERE path = :path LIMIT 1. Bound with :path='/var/www/html/limesurvey/application/extensions/FlashMessage/assets')    1    0.00039    0.00039    0.00039    0.00039
system.db.CDbCommand.query(SELECT * FROM lime_settings_global t)    1    0.00038    0.00038    0.00038    0.00038
system.db.CDbCommand.query(SELECT * FROM lime_asset_version t WHERE path = :path LIMIT 1. Bound with :path='/var/www/html/limesurvey/application/extensions/LimeScript/assets/script.js')    1    0.00037    0.00037    0.00037    0.00037
system.db.CDbCommand.query(SHOW CREATE TABLE lime_settings_global)    1    0.00036    0.00036    0.00036    0.00036
system.db.CDbCommand.query(SELECT * FROM lime_plugin_settings t WHERE t.plugin_id=:yp0 AND t.model IS NULL AND t.model_id IS NULL AND t.key=:yp1. Bound with :yp0='5', :yp1='is_default')    1    0.00033    0.00033    0.00033    0.00033

DenisChenu

28 Apr 2025 08:31

Replied by DenisChenu on topic AuthLDAP with Active Directory not working

Can you show your script ?
Can you activate debug mode and test ?

Displaying 1 - 15 out of 34 results.

Powered by Kunena Forum

Lime-years ahead

Online-surveys for every purse and purpose

Pricing & Plans

Get started

Welcome to the LimeSurvey Community Forum

Search Results (Searched for: ldap)

Lime-years ahead

Legal

About Us

Open Source

Welcome to the LimeSurvey Community Forum

Advanced Search

Search Options

Search Results (Searched for: ldap)

Lime-years ahead

Legal

About Us

Open Source