How to delete a entry in OpenLDAP server using PHP WITHOUT SSL?

Question

I want to delete a POSIX account in the OpenLDAP server by using PHP.

public static function deleteUser($ldapconn, $username) {
    if (!$ldapconn) { return false; }
    if (LDAPUserManager::isUserExist($ldapconn, $username)) {
        $dn = "cn=".$username.",cn=users,ou=groups,dc=hahaha,dc=com";
        ldap_delete($ldapconn, $dn);  // Warning here!
    }
}

When I execute the above method, I got a warning:

Warning: ldap_delete(): Delete: Strong(er) authentication required in /var/www/html/system/LDAP/LDAPUserManager.php on line 73

When I check the result in phpLDAPadmin, the user is not deleted after the execution. Also, the same problem appears when executing ldap_modify(). However, it is so odd that the problem does not appear when I execute ldap_add().

The apache web server with PHP script [192.168.1.1] and the OpenLDAP server [192.168.1.4] are actually on two different machines. After searching some of the posts, SSL seems required for solving the problem. But the problem is that my two servers do not have a domain. Is there any method to solve (or bypass) the problem?

• Write a PHP function to delete the entry by sending LDAP command ldapdelete to the OpenLDAP server via SSH.
• Or, I should configure something to make the ldap_delete function work?

How to delete/modify a user in OpenLDAP using PHP?

Server Information

< Web Server >
PHP Version:  PHP 7.0
HTTP Server:  apache2
Server OS  :  Ubuntu 16.04

< OpenLDAP Server >
OpenLDAP Version: 2.4.42
Server OS       :  Ubuntu 16.04

< Other Server >
Server OS  :  Ubuntu 16.04

Answer 1

As the message says, you'll need to connect to the LDAP-Server with a stronger authentication. When you'Re connecting to the server using ldap:// you might want to try ldaps:// or connecting to the server via TLS or SASL.

My favourite search engine also showed this SO-question for the message: PHP ldap - Strong(er) authentication required