500 Error When Enabling SSL for Secure LDAP

[kellerisddev]

• Laravel Version: Requirements could not be reolved from Composer #5.8.*#
• Adldap2-Laravel Version: Driver [adldap] not supported #6.0#
• PHP Version: Cannot access adldap property of model. #7.2.14#
• LDAP Type: ActiveDirectory

Description:

We are atttempting to implement secure LDAP connection in order to write back to Active Directory. I have the following configured in config/ldap.php

'port' => env('LDAP_PORT', 636), // SSL

'username' => env('LDAP_USERNAME', 'serviceaccount@localdomain'),
'password' => env('LDAP_PASSWORD', 'xxxxxxxxxxx'),

'use_ssl' => env('LDAP_USE_SSL', true),

Steps To Reproduce:

When I change config file to the above setting and clear the configuration cache and then attempt to login, I get a 500 internal server error. I am not sure how to identify the error in order to troubleshoot it further. We are running on Windows Server 2016 and our system administrator assures me that the server and DC's are all configured to allow secure LDAP.

[stevebauman]

Hi @kellerisddev,

You should look at your Laravel logs, via the storage/logs directory. That's where all errors and exceptions are posted.

[kellerisddev]

Thanks @stevebauman , I have looked at that and unfortunately, it is not telling me why I am getting a 500 error. It simply says the following:

[2020-05-19 09:07:42] local.INFO: LDAP (ldaps://local.domain:636) - Connection: default - Operation: Binding - Username: user@local.domain

I do notice that when I successfully connect via Port 389 there are two lines logged

[2020-05-19 00:00:03] local.INFO: LDAP (ldap://local.domain:389) - Connection: default - Operation: Binding - Username: user@local.domain
[2020-05-19 00:00:03] local.INFO: LDAP (ldap://local.domain:389) - Connection: default - Operation: Bound - Username: user@local.domain

Does that hold any significance?

Why would it fail to bind the same user securely if it is able to bind it insecurely?

[stevebauman]

Are you receiving a Laravel exception, or an IIS server exception? If no exceptions are posted in your storage/logs directory, I would look at your servers logs. Doesn't sound right to me that your app is blowing up without any type of log entry of the error.

[kellerisddev]

It looks to be an IIS server exception. Just a

500 - Internal server error.
There is a problem with the resource you are looking for, and it cannot be displayed.

[stevebauman]

Sorry @kellerisddev! I'm not able to help you debug server IIS issues as I do not have access to it or it's logs / resources.