HEX
Server: LiteSpeed
System: Linux d8 4.18.0-553.121.1.lve.el8.x86_64 #1 SMP Thu Apr 30 16:40:41 UTC 2026 x86_64
User: wbwebdes (3015)
PHP: 8.1.31
Disabled: exec,system,passthru,shell_exec,proc_close,proc_open,dl,popen,show_source,posix_kill,posix_mkfifo,posix_getpwuid,posix_setpgid,posix_setsid,posix_setuid,posix_setgid,posix_seteuid,posix_setegid,posix_uname
$ pwd: /home/wbwebdes/domains/files.wb-cloud.nl/public_html/apps/user_ldap/ajax/
Upload Files
File: /home/wbwebdes/domains/files.wb-cloud.nl/public_html/apps/user_ldap/ajax/testConfiguration.php
<?php

use OCA\User_LDAP\Exceptions\ConfigurationIssueException;
use OCA\User_LDAP\LDAP;
use OCP\ISession;
use OCP\Server;
use OCP\Util;

/**
 * SPDX-FileCopyrightText: 2017-2024 Nextcloud GmbH and Nextcloud contributors
 * SPDX-FileCopyrightText: 2016 ownCloud, Inc.
 * SPDX-License-Identifier: AGPL-3.0-only
 */
// Check user and app status
\OC_JSON::checkAdminUser();
\OC_JSON::checkAppEnabled('user_ldap');
\OC_JSON::callCheck();

$l = Util::getL10N('user_ldap');

$ldapWrapper = new LDAP();
$connection = new \OCA\User_LDAP\Connection($ldapWrapper, $_POST['ldap_serverconfig_chooser']);


try {
	$configurationError = '';
	$conf = $connection->getConfiguration();
	if ($conf['ldap_configuration_active'] === '0') {
		//needs to be true, otherwise it will also fail with an irritating message
		$conf['ldap_configuration_active'] = '1';
	}
	try {
		$connection->setConfiguration($conf, throw: true);
	} catch (ConfigurationIssueException $e) {
		$configurationError = $e->getHint();
	}
	if ($configurationError === '') {
		//Configuration is okay
		/*
		 * Closing the session since it won't be used from this point on. There might be a potential
		 * race condition if a second request is made: either this request or the other might not
		 * contact the LDAP backup server the first time when it should, but there shouldn't be any
		 * problem with that other than the extra connection.
		 */
		Server::get(ISession::class)->close();
		if ($connection->bind()) {
			/*
			 * This shiny if block is an ugly hack to find out whether anonymous
			 * bind is possible on AD or not. Because AD happily and constantly
			 * replies with success to any anonymous bind request, we need to
			 * fire up a broken operation. If AD does not allow anonymous bind,
			 * it will end up with LDAP error code 1 which is turned into an
			 * exception by the LDAP wrapper. We catch this. Other cases may
			 * pass (like e.g. expected syntax error).
			 */
			try {
				$ldapWrapper->read($connection->getConnectionResource(), '', 'objectClass=*', ['dn']);
			} catch (\Exception $e) {
				if ($e->getCode() === 1) {
					\OC_JSON::error(['message' => $l->t('Invalid configuration: Anonymous binding is not allowed.')]);
					exit;
				}
			}
			\OC_JSON::success(['message'
			=> $l->t('Valid configuration, connection established!')]);
		} else {
			\OC_JSON::error(['message'
			=> $l->t('Valid configuration, but binding failed. Please check the server settings and credentials.')]);
		}
	} else {
		\OC_JSON::error(['message'
		=> $l->t('Invalid configuration: %s', $configurationError)]);
	}
} catch (\Exception $e) {
	\OC_JSON::error(['message' => $e->getMessage()]);
}
@ Telegram