How to enable LDAP authentication in PHP

1
votes

I have one server (Windows Server 2012 R2) and I need to configure a LDAP users authentication in PHP. Server is domain controller, PHP (5.6) is installed and PHP already has LDAP extension. Bind with credentials in ldp.exe works.

WHAT I KNOW:

  • LDAP connection works
  • I can log on anonymously
  • I cannot log in with user credentials (even with admin credentials)
  • I've tried edit policy "Default Domain Controller"

Domain Controller: LDAP server signing requirements

NONE

Network Security: LDAP client signing requirements

NEGOTIATE SIGNING

PHP CODE:

// using ldap bind
$ldaprdn  = 'bigboss';     // ldap rdn or dn
$ldappass = 'AdmiN123';  // associated password

// connect to ldap server
$ldapconn = ldap_connect("ldap://172.16.31.70")
    or die("Could not connect to LDAP server.");

if ($ldapconn) {
    // binding to ldap server
    $ldapbind = ldap_bind($ldapconn, $ldaprdn, $ldappass);
    // verify binding
    if ($ldapbind) {
        echo "LDAP bind successful...";
    } else {
        echo "LDAP bind failed...";
    }   
}
1
phpactive-directoryldapwindows-authenticationwindows-server-2012-r2
Do you get any error-messages on PHP-Side? Try ldap_error() to get more information of what is actually failing and update your question accordingly. That will make it easier to find a solution.heiglandreas
On "echo ldap_error($ldap_bind);" returns nothing. I've tried LDAP connection in ldp.exe program. If I connect I have to bind user with "Bind with credentials" and simple bind doesn't work. Any way to allow Simple bind? Simple bind with this php code should work.David Tyemnyák
$ldapbind not $ldap_bindDavid Tyemnyák

1 Answers

0
votes

My fault, I need to edit 

$ldaprdn  = 'bigboss'

to 

$ldaprdn  = '[domain name]\bigboss'

Thanks