From bba50284ca972255747baca637d0882d5cbbe744 Mon Sep 17 00:00:00 2001 From: Olivier Mehani Date: Wed, 10 Feb 2016 04:55:57 +0000 Subject: [PATCH 1/2] [ldapauth] Add some early connect debug log Signed-off-by: Olivier Mehani --- ldapauth/ldapauth.php | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/ldapauth/ldapauth.php b/ldapauth/ldapauth.php index 55c855af..825d2c29 100755 --- a/ldapauth/ldapauth.php +++ b/ldapauth/ldapauth.php @@ -90,23 +90,29 @@ function ldapauth_authenticate($username,$password) { if(! ((strlen($password)) && (function_exists('ldap_connect')) - && (strlen($ldap_server)))) + && (strlen($ldap_server)))) { + logger("ldapauth: not configured or missing php-ldap module"); return false; + } $connect = @ldap_connect($ldap_server); - if(! $connect) + if(! $connect) { + logger("ldapauth: could not connect to $ldap_server"); return false; + } @ldap_set_option($connect, LDAP_OPT_PROTOCOL_VERSION,3); @ldap_set_option($connect, LDAP_OPT_REFERRALS, 0); if((@ldap_bind($connect,$ldap_binddn,$ldap_bindpw)) === false) { + logger("ldapauth: could not bind $ldap_server as $ldap_binddn"); return false; } $res = @ldap_search($connect,$ldap_searchdn, $ldap_userattr . '=' . $username); if(! $res) { + logger("ldapauth: $ldap_userattr=$username,$ldap_searchdn not found"); return false; } From d6f727974b7c29c2966c194b2069faeb196ed8c2 Mon Sep 17 00:00:00 2001 From: Olivier Mehani Date: Wed, 10 Feb 2016 11:08:40 +0000 Subject: [PATCH 2/2] Full name in LDAP is usually cn; compare ldap_connect() to false Signed-off-by: Olivier Mehani --- ldapauth/ldapauth.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ldapauth/ldapauth.php b/ldapauth/ldapauth.php index 825d2c29..60273c3b 100755 --- a/ldapauth/ldapauth.php +++ b/ldapauth/ldapauth.php 
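Review bot: The added "not found" logger call records `$username` exactly as typed at the login form, and the `ldap_search()` context line above it concatenates that same unescaped value into the filter, so filter metacharacters in a login name can alter the directory query. Escape it once before both uses, e.g. `$safe_user = ldap_escape($username, '', LDAP_ESCAPE_FILTER);` (available from PHP 5.6), and pass `$ldap_userattr . '=' . $safe_user` to the search and the log. The message wording is also off: `ldap_search()` returns false on a search error rather than for an unknown user, so including `ldap_error($connect)` in the text would be more useful for triage. `ldapauth_authenticate()` starts before and continues after this hunk, so the later handling of the result is not visible here.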
@@ -47,7 +47,7 @@ * // attribute to get email - optional - default : 'mail' * $a->config['ldapauth']['ldap_autocreateaccount_emailattribute'] = 'mail'; * // attribute to get nickname - optional - default : 'givenName' - * $a->config['ldapauth']['ldap_autocreateaccount_nameattribute'] = 'givenName'; + * $a->config['ldapauth']['ldap_autocreateaccount_nameattribute'] = 'cn'; * * ...etc. */ @@ -97,7 +97,7 @@ function ldapauth_authenticate($username,$password) { $connect = @ldap_connect($ldap_server); - if(! $connect) { + if($connect === false) { logger("ldapauth: could not connect to $ldap_server"); return false; }
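Review bot: A false return from `ldap_connect()` in the second hunk does not mean the server was unreachable: with OpenLDAP 2.x the call only parses the URI and allocates a handle, so this branch catches malformed `$ldap_server` values and the log text "could not connect" overstates what was tested. A short comment would keep the next reader from relying on it, e.g. `// ldap_connect() does not contact the server; network and TLS failures surface at the first bind`. The leading `@` also hides the warning that would say why the URI was rejected, so the logger line is the only trace left at this point. The rest of `ldapauth_authenticate()` lies outside this hunk.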