I have made a simple login form in HTML/PHP 1.6 to authenticate against my Active Directory 2012 R2, and when I try to log in I sometimes get this error when I execute ldap_search in PHP (without changing the code or configurations):
000004DC: LdapErr: DSID-0C0907C2, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, v2580
The error says that I have to be authenticated to perform an LDAP search, but the user and password are good.
Here is the code:
```php
// Connect to the domain controller over LDAPS
$srv="ldaps://server.domain";
$port=636;
$ldap=ldap_connect($srv,$port);
ldap_set_option($ldap,LDAP_OPT_PROTOCOL_VERSION,3);
ldap_set_option($ldap, LDAP_OPT_REFERRALS, 0);
// Bind with the admin account
ldap_bind($ldap,"DOMAIN\adminsuer",$password);
// Look up the user by sAMAccountName
$mesg1=ldap_search($ldap,$basedn,"(&(objectCategory=person)(sAMAccountName=$username))",array('sAMAccountName', 'cn', 'sn', 'givenName', 'pwdLastSet', 'userAccountControl', 'pager', 'employeeNumber'));
```
Where is the problem?
----EDIT----
After a long time I came back to face the problem. I also tried what the php.net site says, but nothing good. My problem is that the bind on LDAP works, but then when I do a search on Active Directory, it returns the error specified above. This problem happens rarely and disappears some time after it happens (about the next 5->30 minutes).
```php
....
ldap_set_option($ldap,LDAP_OPT_REFERRALS,0);
$bind=@ldap_bind($ldap,$adminuserdn,$adminpass);
if ($bind) {
    logga2("bind admin OK");
    $mesg1=ldap_search($ldap,$basedn,"(&(objectCategory=person)(sAMAccountName=$username))",array('sAMAccountName', 'cn', 'sn', 'givenName', 'pwdLastSet', 'userAccountControl', 'pager', 'employeeNumber'));
    if ($mesg1) {
        ....
    }
    ....
}
....
```
I also see this problem with Perl scripts and with a Windows program called ldapadmin (http://www.ldapadmin.org/), suitably configured to connect to the LDAP of the various domain controllers.
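
An added example, not part of the original post: one way to make an intermittent failure like this visible is to check the return value of every call and record the server's diagnostic string, while also escaping the user-supplied name before it is placed in the search filter. The function names `ad_diag` and `ad_find_user` are hypothetical, and PHP 5.6 or later is assumed for `ldap_escape`.

```php
<?php
// Added example; ad_diag() and ad_find_user() are hypothetical names.

/** Client error code and text plus the server-side diagnostic string. */
function ad_diag($ldap): string
{
    $detail = '';
    // On Active Directory this option holds the "LdapErr: DSID-..." text.
    ldap_get_option($ldap, LDAP_OPT_DIAGNOSTIC_MESSAGE, $detail);
    return sprintf('%d %s | %s', ldap_errno($ldap), ldap_error($ldap), $detail);
}

function ad_find_user(string $uri, string $bindDn, string $bindPw,
                      string $baseDn, string $username): array
{
    // RFC 4513: a simple bind with a name and an empty password is an
    // "unauthenticated" bind, which a server may accept without
    // authenticating the caller. Reject it before contacting the server.
    if ($bindPw === '') {
        throw new InvalidArgumentException('empty bind password');
    }
    $ldap = ldap_connect($uri);
    if ($ldap === false) {
        throw new RuntimeException("invalid LDAP URI: $uri");
    }
    ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION, 3);
    ldap_set_option($ldap, LDAP_OPT_REFERRALS, 0);
    ldap_set_option($ldap, LDAP_OPT_NETWORK_TIMEOUT, 5);

    if (!@ldap_bind($ldap, $bindDn, $bindPw)) {
        $msg = ad_diag($ldap);
        ldap_unbind($ldap);
        throw new RuntimeException("bind failed: $msg");
    }
    // Escape filter metacharacters such as * ( ) \ in the submitted name.
    $filter = sprintf('(&(objectCategory=person)(sAMAccountName=%s))',
        ldap_escape($username, '', LDAP_ESCAPE_FILTER));
    $attrs = ['sAMAccountName', 'cn', 'sn', 'givenName', 'pwdLastSet',
              'userAccountControl', 'pager', 'employeeNumber'];
    $res = @ldap_search($ldap, $baseDn, $filter, $attrs);
    if ($res === false) {
        $msg = ad_diag($ldap);
        ldap_unbind($ldap);
        throw new RuntimeException("search failed: $msg");
    }
    $entries = ldap_get_entries($ldap, $res);
    ldap_unbind($ldap);
    return $entries;
}
```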