NethServer Version: 7.9.2009 Module: phpldapadmin
Hi, I have just installed phpldapadmin as per the instructions at phpldapadmin [NethServer Wiki]. The minor issue I have picked up is, if I go to https://my_ip/phpldapadmin it works fine, I can log in, but if I use the link in Cockpit Applications, it goes to https://FQDN/phpldapadmin/ and I get the errors:
Deprecated : Required parameter $data follows optional parameter $subitem in /usr/share/phpldapadmin/lib/functions.php on line 931
Fatal error : Array and string offset access syntax with curly braces is no longer supported in /usr/share/phpldapadmin/lib/functions.php on line 1641
Could anyone perhaps clarify why this is happening please?
It's probably due to the fact that the FQDN can't be correctly reached…
If you add in NethServer's FQDN in NethServer's DNS along with its IP, it will probably work - your PC / Notebook will need to use NethServer's DNS.
Using NethServer's AD, it is almost mandatory to use NethServer's DNS!
A similar thing happens with the App "Report", which can be installed from Cockpit Software Center. This App requires https access with a correct SSL cert, so it will NOT work using IP alone, as using IP does not get you a correct SSL cert.
Another option is that your server is using a higher php version than the one provided by default and since phpLDAPadmin on EPEL is "old" it does not fully support more current php versions (hence the deprecation notice).
Some of those issues could be fixed by using a more recent phpLDAPadmin version (that means finding some repository that has a newer rpm packaged version or packaging it ourselves from sources… or a custom/separate install from source instead of using the EPEL rpm, but then you miss the "nethserver magic").
EDIT:
ok, but then I guess it shall happen regardless of using an IP or a FQDN.
@Andy_Wismer Ok, that sounds like a plan, but I just want to ask, will setting any DNS entries in NethServer not interfere with my ISP's DNS entries, or are they separate from each other? I know I said I understand the workings of DNS however, when it comes to "internal" vs "external" I do get a bit confused.
Essentially, internal and external DNS are relatively simple to comprehend.
The main guideline is:
The internal DNS can resolve all internal and external queries concerning your domain (name) and all queries regarding internal IP (PTR / Reverse Lookup).
The external DNS can only resolve external IPs and names. Your external IP? sure. But nothing internal! (Need to know basis, does the internet or anyone there need to use this?)
Example
An internal server, like your NethServer would need an entry on both DNS, if intended eg for mail, which must be reachable internally and externally. The internal DNS returns the internal (correct) IP, the external returns the external IP of your gateway.
Internal DNS and External do not at all interfere with each other (Typos in names / IPs aside!).
Errors are also simple to solve: if externally it works, but not internally, the internal DNS needs an entry. The other way is also valid, if it works internally, but not externally, the external DNS is missing an entry (Or your router needs a port-forwarding entry!).
Another advantage is less timeouts due to non or wrong resolution of hosts…
If the internal DNS has no relevant entry, but the external can resolve a name or IP, that value will be returned. Example: Google / Facebook. The internal DNS will resolve both correctly.
If you want to block eg Facebook, just make an entry for facebook.com, pointing to localhost or whatever you want. You can point to a virtual host with a simple webpage saying Facebook access is not allowed here…
A benefit: You get nice statistics, who tried to access Facebook when eg AWstats is installed!
@dnutan Hi, thanks, however, as I mentioned, it's not a critical issue, I can access using IP address no problem, so will just live with that for now.
@Andy_Wismer Hi, I have a quick question regarding DNS in NethServer. I looked at adding DNS entries via Cockpit, however, I am a little baffled. How does one specify a specific (A or MX or such) record using the DNS page in Cockpit? Or is there a different way?
NethServer's DNS can't handle CNAMEs (Aliases) or MX, except for itself.
A Records are possible, but that's about it.
Another (large) shortcoming is PTR records. Reverse Lookups aren't correct when several A hosts refer to the same IP…
One of the reasons I use my OPNsense as DNS and NethServer also. This way AD works without hassles.
I'd like to see NethServer 8.x support Unbound or BIND (Or both!).
OPNsense is mostly a separate box. I tend to use PCEngines APU4d4 for most cases.
I do have 3 cases where OPNsense is running as a VM in Proxmox, but these cases are hosted environments, without the option to add in an OPNsense box (Or VERY expensive…).
I use OPNsense as main firewall, VPN Gateway and also for DNS / DHCP.
It's nice to have Internet when (rarely) NethServer has an issue, and you'd like to check the NethServer Forum for a fix…
OPNsense is like NethServer, really rock solid! (Also free to use), and includes HA / Failover.
Not just WAN Failover but also full firewall box failover, using 2 or more OPNsense boxes. These can be any combination of real / virtual boxes!