I'm trying to implement some code from these pages, but without success. I need to do LDAP authentication from PHP and have this code:

<?php
$ldap['user'] = "tester";
$ldap['pass'] = "test";
$ldap['host']   = '147.32.99.8';
$ldap['port']   = 636;
$ldap['conn'] = ldap_connect( $ldap['host'], $ldap['port'] )
    or die("Could not connect to {$ldap['host']}" );
$ldap['bind'] = ldap_bind($ldap['conn'], $ldap['user'], $ldap['pass']);
if( !$ldap['bind'] )
{
    echo ldap_error( $ldap['conn'] );
    exit;
}
echo "<p>";
echo ($ldap['bind'])? "Valid Login" : "Login Failed";
echo "</p><br />";
ldap_close( $ldap['conn'] );
?>

But it doesn't work. I'm almost sure that the domain is missing from the user name. But where can I find the domain? I have only an IP address.

From the Softerra LDAP Browser I have the following information: URL: ldaps://147.32.99.8:636/cn=tester,ou=staff,ou=uceeb,o=cvut

Maybe there is another mistake, not only the missing domain, but I'm really an LDAP beginner. Thank you for any reply that will help me.

Atreiu
  • What do you mean by "it doesn't work"? Does it die when you try to connect? Are you getting any error messages in your error log? – Jay Blanchard Jul 07 '14 at 12:00
  • Sorry, I forgot to write it. It returns the error message: Warning: ldap_bind(): Unable to bind to server: Can't contact LDAP server in C:\Bitnami\wampstack-5.4.28-0\apache2\htdocs\ldap\index.php on line 8 Can't contact LDAP server – Atreiu Jul 07 '14 at 12:10
  • If you're not getting a connection error (in line 5 of your code) then you are connecting to the server. Have a look at this for more information: http://stackoverflow.com/questions/1049653/ldap-and-php – Jay Blanchard Jul 07 '14 at 12:14
  • Could the problem be that it is ldaps and not ldap? – Atreiu Jul 07 '14 at 13:42
  • If it's LDAPS, try ```ldap_connect('ldaps://' . $ldap['host'], $ldap['port'])``` - More info at http://de1.php.net/ldap_bind#86635 – heiglandreas Jul 08 '14 at 08:34

1 Answer

This code sometimes works:

function authUserAD($username, $password, $ldap_server="147.32.99.8") {
  $auth_user = $username;
  // ldap_connect() returns false when the host argument cannot be parsed;
  // return early so ldap_close() is never called on a failed handle
  $connect = ldap_connect($ldap_server);
  if (!$connect) {
    return false;
  }
  ldap_set_option($connect, LDAP_OPT_PROTOCOL_VERSION, 3);
  ldap_set_option($connect, LDAP_OPT_REFERRALS, 0);
  // Simple bind with the full DN and the password
  $bound = ldap_bind($connect, $auth_user, $password);
  ldap_close($connect);
  return $bound;
}
if(authUserAD("cn=tester,ou=staff,ou=uceeb,o=cvut", "test")) echo "<p>Login/password OK.</p>";
else echo "<p>Connection error.</p>";

But in the LDAP administration I have to change the value of "Require TLS for simple links with password" to NO and after that back to YES again. After these two operations it works. But how can I do it without this strange operation?

Atreiu
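
The bind from this thread done over the `ldaps://` URI that the comment above suggests, so the password travels inside TLS from the start. This is an added example, not code from the question or the answer; it assumes PHP 7.1+ with the ldap extension, and the function name `ldapAuthenticate` and the CA bundle path are hypothetical placeholders.

```php
<?php
// Added example. Host and DN are the ones quoted in the question.
const LDAP_URI = 'ldaps://147.32.99.8:636';

function ldapAuthenticate(string $bindDn, string $password, string $uri = LDAP_URI): string
{
    // A simple bind with a DN and an empty password is an "unauthenticated bind"
    // (RFC 4513) that many servers accept, so refuse it before touching the network.
    if ($bindDn === '' || $password === '') {
        return 'rejected';
    }

    // TLS options are process-wide in libldap: set them on a null link before connecting.
    ldap_set_option(null, LDAP_OPT_X_TLS_REQUIRE_CERT, LDAP_OPT_X_TLS_DEMAND);
    ldap_set_option(null, LDAP_OPT_X_TLS_CACERTFILE, '/path/to/ca-bundle.pem'); // placeholder path

    // With a URI, ldap_connect() only checks the syntax; the TCP connection
    // and the TLS handshake happen on the first operation (the bind).
    $conn = ldap_connect($uri);
    if ($conn === false) {
        return 'bad_uri';
    }
    ldap_set_option($conn, LDAP_OPT_PROTOCOL_VERSION, 3);
    ldap_set_option($conn, LDAP_OPT_REFERRALS, 0);
    ldap_set_option($conn, LDAP_OPT_NETWORK_TIMEOUT, 5); // seconds

    $bound = @ldap_bind($conn, $bindDn, $password);
    $errno = ldap_errno($conn);
    ldap_unbind($conn);

    if ($bound) {
        return 'ok';
    }
    // 49 = invalidCredentials (server answered and refused the password);
    // -1 = "Can't contact LDAP server" (network, port or TLS/certificate failure).
    if ($errno === 49) {
        return 'invalid_credentials';
    }
    return $errno === -1 ? 'server_unreachable' : "ldap_error_$errno";
}

$status = ldapAuthenticate('cn=tester,ou=staff,ou=uceeb,o=cvut', 'test');
// Show the user only success or failure; keep the detailed status for the log.
error_log("LDAP bind status: $status");
echo $status === 'ok' ? '<p>Valid Login</p>' : '<p>Login Failed</p>';
```

Separating `server_unreachable` from `invalid_credentials` keeps a TLS or certificate problem from being reported to the user as a wrong password.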