SSL ldap bind — PHP — IT news, forums, messages

You are here: SSL ldap bind « PHP « IT news, forums, messages

Posted by Jason Motes on 06/16/05 19:45

Hello list

I am trying to do an ssl ldap bind to novell's edir 8.7.

I have followed the examples from
http://us4.php.net/manual/en/function.ldap-connect.php I know these
examples are for AD, but they should be close to the same.

I have exported the server cert and made the changes to ldap.conf. and
restarted the ldap service

from the command line on a linux box this works:
ldapsearch -H "ldaps://ldapserver" -x

but this does not
ldapsearch -H "ldaps://ldapserver"

and returns the error:
ldap_ssl_interactive_bind_s: Unknown authentication method (86)
additional info: SASL(-4): no mechanism available: No worthy mechs
found
if i run the above command with the debug option -d 16 it says something
about supportedSASLMechanisms1...NMAS_LOGIN

notice that on the one that does not work i am not using the -x option.
This option allows you todo simple authentication.

In php i can do a bind on the normal port of 389, but anything on 636 fails.

$ldapserver="ldapserver"; //this works
$ldapserver="ldaps://ldapserver"; //this fails
$ldapserver="ldapserver:636"; //this fails

if (!($ldap = ldap_connect($ldapserver)))
{
die ("Could not connect to LDAP Server: $server\n");
}
else {
print "Connected\n";
}
if (!(ldap_bind($ldap, $bindUser,$bindPass)))
{
die ("Unable to Bind");
}
else {
print "Bound\n";
}

I am assuming the reason that it is failing is that i am getting that
same SASL error.

Is there anyway to make ldap_bind() use simple authentication??

I looked at ldap_set_option() and could not find anything about simple
authentication. http://us4.php.net/manual/en/function.ldap-set-option.php
This page has a link to:
http://www.openldap.org/devel/cvsweb.cgi/~checkout~/doc/drafts/draft-ietf-ldapext-ldap-c-api-xx.txt
This page says something about a constant value LDAP_SASL_SIMPLE. Is
there anyway to configure this?

I am using:
PHP 4.3.3 --with-openssl --with-ldap=yes
Apache 2.0
Openldap
OpenSSL 0.9.7b 10 Apr 2003

I have googled all over for this, any help would be appreciated.

Thanks,
Jason Motes

Navigation:

Next in forum: Re: Include and extending classes
Prev in forum: Include and extending classes
Thread view: SSL ldap bind

[Reply to this message]

Удаленная работа для программистов • Как заработать на Google AdSense • England, UK • статьи на английском • PHP MySQL CMS Apache Oscommerce • Online Business Knowledge Base • DVD MP3 AVI MP4 players codecs conversion help

Home • Search • Site Map • Set as Homepage • Add to Favourites

Сайт изготовлен в Студии Валентина Петручека —
изготовление и поддержка веб-сайтов, разработка программного обеспечения, поисковая оптимизация