Steve Cliff

Yes, it’s saving all the details correctly, which is good I think … but still can’t get through ??

Yes I did try just in case but it comes up with an even odder error on the host name at that point:

S3 connection error: Error executing “PutObject” on “https://.xcloner_96bcd8”; AWS HTTP error: cURL error 6: Could not resolve host: .xcloner_96bcd8 (see https://curl.haxx.se/libcurl/c/libcurl-errors.html)

The settings I am using are:

S3 Endpoint: https://s3.devcloud.guru
S3 bucket name: xcloner
S3 prefix: <blank>

Trying to verify the connection comes up with the following error:

S3 connection error: Error executing “PutObject” on “https://xcloner.s3.devcloud.guru/.xcloner_d3f7a3&#8221;; AWS HTTP error: cURL error 6: Could not resolve host: xcloner.s3.devcloud.guru (see https://curl.haxx.se/libcurl/c/libcurl-errors.html)

Instead of accessing S3 through xcloner.s3.devcloud.guru I need the alternative method of s3.devcloud.guru/xcloner for my set up to work.

Not sure if you mean that you need PHP7 as opposed to PHP5 but if you do then IMO you are putting your clients at greater risk stopping on PHP5 tbh. The security (and speed!) improvements of upgrading to PHP7 are very worthwhile.

As far as Xcloner itself, I don’t think it’s unreasonable to drop support for PHP5 when PHP7 has been out for 3 years (ish?)

Now if you can’t upgrade due to other issues then I can understand – but that wouldn’t be Xcloner fault.

If it’s not about PHP5 versus PHP7 though then I would be interested to see what’s changed in case it affects my PHP7 sites ??

Cheers,
Steve.

Not sure if it helps but I don’t have an issue with temp files on the 3 sites I have deployed – my set up is below:

VM:
CentOS 7.4
PHP 7
Wordpress 4.9.2 (not multi-site)

Xcloner:
Log enabled
Force Temporary Path Within XCloner Storage disabled
Cleanup options: Quantity = 1, Delete backup after remote enabled

Cron:
Wordpress disabled (I.E. “define(‘DISABLE_WP_CRON’, true);” in wp-config.php)
Easycron enabled (pointing to https://websitename.co.uk/wp-cron.php every 15 minutes)

Edit: Ignore my post – I just spotted Liuta’s response that has come in while I was writing this ?? I don’t get the issue due to me disabling wp-cron I think.

• This reply was modified 6 years, 10 months ago by Steve Cliff.

That is extremely useful information Paul – and makes the overall security of the WordPress install significantly higher than we expected. Many thanks for the confirmation/info!

Hi Paul – I have no idea why but it now works …… ! I decided to rebuild another “proper” server (the 4th now!) and used the same scripts as before and LDAP went straight in fine. I am elated that it’s up and working (as I have staff coming in to work tomorrow) but confused as hell as to why it didn’t work initially – lol!

However, thank you for your comments and willingness to try and help … and once again for a brilliant plugin.

Once I get over this I may even investigate more around uwamp and why that didn’t work!

Also, running your LDAP test PHP gives the following:
https://myhub.devcloud.guru/index.php/s/P21cPQ8Aj6elaSY

NB. I got the same error on 7.1 but this happened to be 7.0.3 – I was just trying a different PHP version in case that helped.

Hi Paul,

Many thanks for the reply!

The error is: “wpDirAuth config error: No directory server available for authentication, OR pre-binding credentials denied.”. I can’t spot anything else in the Apache logs.

php_openssl.php is enabled
Apache ssl_module is enabled (not sure if I need this or not though)

phpinfo returns the following around openssl:

OpenSSL support	enabled
OpenSSL Library Version	OpenSSL 1.0.2f 28 Jan 2016
OpenSSL Header Version	OpenSSL 1.0.2m 2 Nov 2017
Openssl default config	/apache24/conf/openssl.cnf

I’ve just re-created the issue again to make sure, I.E.:

Download & unzipped uwamp: (from https://www.uwamp.com/file/UwAmp.zip)
Run uwamp – changed drop down from PHP 5.4 to PHP 7.1
Download & unzipped WordPress
Created a user/db
Run the WordPress install
Deleted all initial plugins and installed/activated wpDirAuth
Added in same settings as on the working server

I think I’ve done the right things here ….. but having worked on this for 3 days now I’m starting to lose the plot – lol!

Steve.

Don’t worry – I appreciate your comments/help anyway – unfortunately I’m stuck with what I’ve got as I don’t control the LDAP service we have to use.

Thanks again anyway.

Addendum:

I’ve also spun up a local uwamp box based on PHP 7.1 with php-ldap configured and getting the same issue ??

Yeah, it’s definitely not your plugin ??

I’ve run the following and this won’t connect either …

<?php

//LDAP server address
$server = "ldaps://ldap.xxx.net:636";
//domain user to connect to LDAP
$user = "xxUK02919";
//user password
$psw = "xxx";
//FQDN path where search will be performed. OU - organizational unit / DC - domain component
$dn = "ou=people,dc=xxx,dc=com";
//Search query. CN - common name (CN=* will return all objects)
$search = "CN=*";                    
// ------------------------------------------------------------------------

putenv('LDAPTLS_REQCERT=never');

echo "<h2>php LDAP query test</h2>";
// connecting to LDAP server
$ds=ldap_connect($server);
echo "ldap_connect triggered against ", $server;

$r=ldap_bind($ds, $user , $psw); 
echo "ldap_bind triggered against user=", $user, " password=", $psw;

// performing search
$sr=ldap_search($ds, $dn, $search);
$data = ldap_get_entries($ds, $sr);    
echo "Found " . $data["count"] . " entries";
for ($i=0; $i<$data["count"]; $i++) {
 echo "<h4><strong>Common Name: </strong>" . $data[$i]["cn"][0] . "</h4><br />";
 echo "<strong>Distinguished Name: </strong>" . $data[$i]["dn"] . "<br />";
 //checking if discription exists 
 if (isset($data[$i]["description"][0])) 
 echo "<strong>Desription: </strong>" . $data[$i]["description"][0] . "<br />";
 else 
 echo "<strong>Description not set</strong><br />";
 //checking if email exists
 if (isset($data[$i]["mail"][0]))
 echo "<strong>Email: </strong>" . $data[$i]["mail"][0] . "<br /><hr />";
 else 
 echo "<strong>Email not set</strong><br /><hr />";
 }
 // close connection
 ldap_close($ds);
?>

The format of URI I am using is:

ldaps://aoLdapKey=xxUK02919,ou=people,dc=xxx,dc=com:[email protected]/ou=people,dc=xxx,dc=com

Results in:
“[Tue Dec 26 12:11:10.700096 2017] [php7:notice] [pid 1520:tid 1348] [client ::1:58787] [AuthLDAP] LDAP authentication failed with exception: bind was not successfull: Can’t contact LDAP server, referer: https://localhost/wp-login.php

The utility I’m using is Windows based but this works:
https://myhub.devcloud.guru/index.php/s/oNnh1nDbtWk7Huj

It’s not an exact test though I think as although the web site is running on my Windows machine, it’s using Uwamp?

• This reply was modified 6 years, 11 months ago by Steve Cliff.

Thanks for the quick response!

I’ve found “LDAP authentication failed with exception: bind was not successfull: Can’t contact LDAP server”. Digging in to it now but it’s odd as I’m currently browsing the LDAP using the same credentials I’ve entered.

NB. I’m not suggesting this is a bug in your plugin btw – 99.9% it will be my bad understanding of LDAP ?? Will keep looking …

Thanks,
Steve.

Thanks for the info regards the LDAP filters ?? And apologies to barry for the duff info!