Skip to content

ldap_search not working on debian 11 with PHP8.2 and ldap module compiled from source #18832

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
B0rner opened this issue Jun 11, 2025 · 0 comments
Open

ldap_search not working on debian 11 with PHP8.2 and ldap module compiled from source #18832

B0rner opened this issue Jun 11, 2025 · 0 comments
Labels
Bug Extension: ldap Status: Needs Triage

Comments

@B0rner
Copy link

B0rner commented Jun 11, 2025

Description

The following code:

Hey, I use a self compiled php8.2-ldap extension in an php8.2 setup (Default PHP8.2 container from docker php 8.2.28-cli-bullseye) .
The following code always return the ldap error Operations error (ldap_error-code 1)

<?php
$ldap_host = "myhost"; 
$ldap_dn = "DC=host,DC=site";
$ldap_username = <user>; 
$ldap_password = <pw>; 
$options = [
        'host' => $ldap_host,
        'dn' => $ldap_dn,
        'username' => $ldap_username,
        'password' => $ldap_password,
];


$ldapconn = ldap_connect($options['host']);
ldap_set_option($ldapconn, LDAP_OPT_PROTOCOL_VERSION, 3);
ldap_set_option($ldapconn, LDAP_OPT_REFERRALS, 0);

@ldap_bind($ldapconn, $options['user'], $options['password']);

$filter = "(objectClass=*)";

@$search = ldap_list($ldapconn, $dn, $filter);

if (!$search) {
        var_dump([
                '$search' => $search,
                'error' => 'LDAP search failed',
                'ldap_error' => ldap_error($ldapconn),
                'ldap_errno' => ldap_errno($ldapconn),
                'base_dn' => $dn,
                'filter' => $filter
        ]);
}
ldap_unbind($ldapconn);

?>

ldap_connect and ldap_bind are working fine. It is also possible to get the base dn using the following codeblock:

$read = ldap_read($ldapconn, '', 'objectClass=*', ['defaultNamingContext'], 0);
$data = ldap_get_entries($ldapconn, $read);
$dn = $data[0]['defaultnamingcontext'][0] ?? null;

That means ldap_read and ldap_get_entriesare working.

If I use the same code from above on ubuntu using pre-compiled php8.2-ldap.so module from ubuntu repository, the code runs fine without any errors. So I can be sure, that the the credentials from $options are correct. Also an ldapsearch from command line with the same credentials and filters returns valid results.

I compile the php8.2-ldap module during docker-build phase using that code:

RUN apt-get update && apt-get -y install pkg-config [...] ldap-utils libldap-common libldap2-dev\
[...]
&& docker-php-ext-configure ldap --with-libdir=/lib/x86_64-linux-gnu/ \
&& docker-php-ext-install ldap \
[...]

Resulted in this output:

`Operations error`  (ldap_error-code 1)

But I expected this output instead:

I expected a list of LDAP entries

Any idea, what's goinig on here? Did a miss a compiler-option or an package?

PHP Version

PHP 8.2.4 (cli) (built: Mar 16 2023 21:25:47) (NTS)
Copyright (c) The PHP Group
Zend Engine v4.2.4, Copyright (c) Zend Technologies
    with Zend OPcache v8.2.4, Copyright (c), by Zend Technologies

Operating System

Debian 11
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Bug Extension: ldap Status: Needs Triage
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@bukka @B0rner