PHP LDAP user authentification not working

1
votes

I am trying to implement a LDAP connection through PHP for an internal web page. I use Uniform Server for my PHP. http://www.uniformserver.com/ . As a test I am trying to connect to the test server here. http://www.forumsys.com/tutorials/integration-how-to/ldap/online-ldap-test-server/

But I don't understand it seem like it doesn't even go in the if/else statements.

Here's my code :

<?php

$ldapServer = 'ldap.forumsys.com';
$ldapPort = 389;

if(isset($_POST['username']) && isset($_POST['password'])){
    echo "Hello both parameters are set";
    $username = $_POST['username'];
    $password = $_POST['password'];
    echo "<br>" . $username;
    echo "<br>" . $password;
    $ds = ldap_connect($ldapServer, $ldapPort);

    if (ldap_bind($ds, $_POST['username'], $_POST['password'])) {
        // Successful auth
        $_SESSION['username'] = $_POST['username'];
        $_SESSION['password'] = $_POST['password'];
        // log them in!
        echo 'you are logged in ' . $_SESSION['username'] ;    
        //redirect after logged in2
    } else {
        // error message

        echo 'auth failed';
    }
}
else
{
?>
    <form action="login.php" method="POST">
        <label for="username">Username: </label><input id="username" type="text" name="username" required="true" /> 
        <label for="password">Password: </label><input id="password" type="password" name="password" required="true" />        <input type="submit" name="submit" value="Submit" />
    </form>
<?php
 } ?>

My first echos are shown (password and username) but nothing after that is shown. Anyone sees why? I don' have any errors but here's my response.

Hello both parameters are set
username
password

Thanks

1
phpldap
Usually, if some of the LDAP functions fail to perform whatever they are supposed to perform, they emit at least a E_WARNING level message. Have you checked your PHP logs? Do you have logging enabled?Robert Rossmann

1 Answers

1
votes

First things first, check if you're getting a connection. The below snippet is one way of checking this:

if ($ds) {
// Successful connection
} else {
echo "Error connecting";
}

My guess is you're seeing the echo portion because they're outside the ldap_bind, while you're not getting a bind because your connection is failing. Double check the server address and/or try using an IP address. Note you can safely drop the port at this stage as 389 is default, so simply using 

$ds=ldap_connect("ip/address");

Would work fine.

Now, since you're hitting what appears to be an external domain address it may be LDAPS, so double check that (Or maybe it's not). If this is the case, you will need

$ds = ldap_connect('ldaps://ip', 636);

Let me know if any of this has helped