CentOS-7 openLDAP with php

Discussion in 'Red Hat / CentOS' started by Snd Lt, Apr 9, 2015.

  1. Snd Lt

    Snd Lt Guest

    I'm trying to deploy openLDAP on CentOS-7 using WebMin and phLDAPadmin GUI tools. However, after downloading and configuring them, I can't access the GUI web from a different host but only via "htt://localhost/ldapadmin" or "htt://localhost/phldapadmin" on the local host that has openLDAP, phLDAP installed. Following are my conf files and IPtable. (replaced httpd with h)

    [part of /etc/phldapadmin/config.ph]
    $servers->setValue('login','attr','dn');
    // $servers->setValue('login','attr','uid');

    [/etc/hd/conf.d/phldapadmin.conf]
    Alias /phldapadmin /usr/share/phldapadmin/htdocs
    Alias /ldapadmin /usr/share/phldapadmin/htdocs

    <Directory /usr/share/phldapadmin/htdocs>
    <IfModule mod_authz_core.c>
    # Apache 2.4
    Require local
    </IfModule>
    <IfModule !mod_authz_core.c>
    # Apache 2.2
    Order Deny,Allow
    Deny from all
    Allow from 127.0.0.1 172.16.0.0/16
    Allow from ::1
    </IfModule>
    </Directory>


    [/etc/sysconfig/iptables]
    # sample configuration for iptables service
    # you can edit this manually or use system-config-firewall
    # please do not ask us to add additional ports/services to this default configuration
    *filter
    :INPUT ACCEPT [0:0]
    :FORWARD ACCEPT [0:0]
    :OUTPUT ACCEPT [0:0]
    -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
    -A INPUT -p icmp -j ACCEPT
    -A INPUT -i lo -j ACCEPT
    -A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
    -A INPUT -m state --state NEW -m tcp -p tcp --dport 8140 -j ACCEPT
    -A INPUT -p tcp -m tcp --dport 10000 -j ACCEPT
    -A INPUT -i eth0 -p tcp --dport 53 -m state --state NEW,ESTABLISHED -j ACCEPT
    -A INPUT -i eth0 -p udp --dport 53 -m state --state NEW,ESTABLISHED -j ACCEPT
    -A INPUT -p udp -m udp --dport 53 -j ACCEPT
    -A INPUT -p tcp -m tcp --dport 53 -j ACCEPT
    -A OUTPUT -p udp -m udp --sport 53 -j ACCEPT
    -A OUTPUT -p tcp -m tcp --sport 53 -j ACCEPT
    -A INPUT -m state --state NEW -m udp -p udp --dport 53 -j ACCEPT
    -A INPUT -m state --state NEW -m tcp -p tcp --dport 53 -j ACCEPT
    -A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
    -A OUTPUT -p tcp -m tcp --sport 80 -j ACCEPT
    -A INPUT -m state --state NEW -m tcp -p tcp --dport 389 -j ACCEPT -s 172.16.0.0/16
    -A INPUT -m state --state NEW -m tcp -p tcp --dport 636 -j ACCEPT -s 172.16.0.0/16
    -A INPUT -j REJECT --reject-with icmp-host-prohibited
    -A FORWARD -j REJECT --reject-with icmp-host-prohibited
    COMMIT
    # Generated by webmin
    *mangle
    :FORWARD ACCEPT [0:0]
    :INPUT ACCEPT [0:0]
    :OUTPUT ACCEPT [0:0]
    :PREROUTING ACCEPT [0:0]
    :POSTROUTING ACCEPT [0:0]
    COMMIT
    # Completed
    # Generated by webmin
    *nat
    :INPUT ACCEPT [0:0]
    :OUTPUT ACCEPT [0:0]
    :PREROUTING ACCEPT [0:0]
    :POSTROUTING ACCEPT [0:0]
    COMMIT
    # Completed

    Help appreciated on accessing this. Which port does ldapadmin/phldapadmin use anyways? Now I'm getting "You don't have permission to access /ldapadmin on this server." Thanks.
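
Added example (not part of the original post): a small Python model of how Apache resolves the two `<IfModule>` branches in the `<Directory>` block above. CentOS 7 ships Apache 2.4, where `mod_authz_core` is loaded, so only `Require local` takes effect and the `Allow from 172.16.0.0/16` line is never read. `FIXED`, the function names and the sample client addresses are assumptions made for illustration.

```python
import ipaddress
import re

# <Directory> body as posted: an Apache 2.4 branch and an Apache 2.2 branch.
POSTED = """\
<IfModule mod_authz_core.c>
Require local
</IfModule>
<IfModule !mod_authz_core.c>
Order Deny,Allow
Deny from all
Allow from 127.0.0.1 172.16.0.0/16
Allow from ::1
</IfModule>
"""

# Assumed correction: keep an allow-list, add the admin subnet to the 2.4 branch.
FIXED = POSTED.replace("Require local", "Require local\nRequire ip 172.16.0.0/16")

def active_directives(conf, loaded_modules):
    """Directives left after <IfModule> blocks are resolved for loaded_modules."""
    keep, active = [], True
    for line in (raw.strip() for raw in conf.splitlines()):
        m = re.match(r"<IfModule\s+(!?)(\S+)>$", line)
        if m:
            # "!" inverts the test: the block applies when the module is absent.
            active = (m.group(2) in loaded_modules) != bool(m.group(1))
        elif line == "</IfModule>":
            active = True
        elif line and active:
            keep.append(line)
    return keep

def allowed_on_24(conf, client):
    """Apply 2.4 'Require local' / 'Require ip' rules; any match grants access."""
    # Simplification: 'local' is modelled as a loopback client address only.
    ip = ipaddress.ip_address(client)
    for words in (d.split() for d in active_directives(conf, {"mod_authz_core.c"})):
        if words[:2] == ["Require", "local"] and ip.is_loopback:
            return True
        if words[:2] == ["Require", "ip"] and any(
            ip in ipaddress.ip_network(net, strict=False) for net in words[2:]
        ):
            return True
    return False

# Sample clients: loopback, a host in 172.16.0.0/16, a documentation address.
for name, conf in (("posted", POSTED), ("fixed", FIXED)):
    for client in ("::1", "172.16.1.46", "203.0.113.5"):
        print(name, client, "200" if allowed_on_24(conf, client) else "403")
```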



     
  2. Snd Lt

    Snd Lt Guest

    I also see this in the log:
    Hmm, my devices are all in 172.16.0.0/16 but then I also tried allow all

    172.16.1.33 - - [05/Apr/2015:08:05:56 -0700] "GET /favicon.ico h/1.1" 400 62 "-" "Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2272.118 Safari/537.36"
    172.16.1.46 - - [06/Apr/2015:15:30:08 -0700] "GET / h/1.1" 400 51 "-" "Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2272.118 Safari/537.36"
    172.16.1.46 - - [06/Apr/2015:15:30:08 -0700] "GET /favicon.ico h/1.1" 400 62 "-" "Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2272.118 Safari/537.36"
    172.16.1.46 - - [07/Apr/2015:10:59:39 -0700] "GET / h/1.1" 500 3065 "-" "Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2272.118 Safari/537.36"
    ::1 - - [07/Apr/2015:15:29:27 -0700] "GET /ldapadmin h/1.1" 301 235 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Firefox/31.0"
    ::1 - - [07/Apr/2015:15:29:27 -0700] "GET /ldapadmin/ h/1.1" 200 4782 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Firefox/31.0"
    ::1 - - [07/Apr/2015:15:29:27 -0700] "GET /ldapadmin/css/default/style.css h/1.1" 200 15643 "h:/.localhost/ldapadmin/" "Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Firefox/31.0"
    ::1 - - [07/Apr/2015:15:29:27 -0700] "GET /ldapadmin/js/jscalendar/calendar-blue.css h/1.1" 200 4830 "h:/.localhost/ldapadmin/" "Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Firefox/31.0"
    ::1 - - [07/Apr/2015:15:29:27 -0700] "GET /ldapadmin/js/ajax_functions.js h/1.1" 200 7205 "h:/.localhost/ldapadmin/" "Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Firefox/31.0"
    ::1 - - [07/Apr/2015:15:29:27 -0700] "GET /ldapadmin/js/jscalendar/calendar.js h/1.1" 200 49185 "h:/.localhost/ldapadmin/" "Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Firefox/31.0"
    ::1 - - [07/Apr/2015:15:29:27 -0700] "GET /ldapadmin/images/default/logo-small.png h/1.1" 200 7053 "h:/.localhost/ldapadmin/" "Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Firefox/31.0"
    ::1 - - [07/Apr/2015:15:29:27 -0700] "GET /ldapadmin/images/default/forum-big.png h/1.1" 200 738 "h:/.localhost/ldapadmin/" "Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Firefox/31.0"
    ::1 - - [07/Apr/2015:15:29:27 -0700] "GET /ldapadmin/images/default/request-feature-big.png h/1.1" 200 1095 "h:/.localhost/ldapadmin/" "Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Firefox/31.0"
    ::1 - - [07/Apr/2015:15:29:27 -0700] "GET /ldapadmin/js/layersmenu-browser_detection.js h/1.1" 200 2624 "h:/.localhost/ldapadmin/" "Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Firefox/31.0"
    ::1 - - [07/Apr/2015:15:29:27 -0700] "GET /ldapadmin/js/ajax_tree.js h/1.1" 200 4544 "h:/.localhost/ldapadmin/" "Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Firefox/31.0"
    ::1 - - [07/Apr/2015:15:29:27 -0700] "GET /ldapadmin/images/default/plus.png h/1.1" 200 102 "h:/.localhost/ldapadmin/" "Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Firefox/31.0"
    ::1 - - [07/Apr/2015:15:29:27 -0700] "GET /ldapadmin/images/default/bug-big.png h/1.1" 200 928 "h:/.localhost/ldapadmin/" "Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Firefox/31.0"
    ::1 - - [07/Apr/2015:15:29:27 -0700] "GET /ldapadmin/images/default/login.png h/1.1" 200 654 "h:/.localhost/ldapadmin/" "Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Firefox/31.0"
    "/var/log/hd/access_log" 177L, 36093C
     
