LDAP and PHP connection failure

2020-02-09 07:13发布

站内问答 / PHP
404 7 6

I am trying to connect to a secure LDAP server (using LDAPs) via PHP, but I am having problems with it. I get the following error

Warning: ldap_bind() [function.ldap-bind]: Unable to bind to server: Can't contact LDAP server in /var/www/test.php on line 16

I works when I try to connect without LDAPs, but it is required that I use LDAPs because I am going to be dealing with sensitive information.

I am using the following code

<?php
// basic sequence with LDAP is connect, bind, search, interpret search
// result, close connection

echo "<h3>LDAP query test</h3>";
echo "Connecting ...";
$ds=ldap_connect("ldaps://server");  // must be a valid LDAP server!




print $ds;

if ($ds) { 
    echo "<br><br>Binding ..."; 
    $r=ldap_bind($ds);     // this is an "anonymous" bind, typically
                           // read-only access
    echo "Bind result is " . $r . "<br />";

    echo "Searching for (sn=S*) ...";
    // Search surname entry
    $sr=ldap_search($ds, "ou=people,o=server.ca,o=server", "uid=username*");  
    echo "Search result is " . $sr . "<br />";

    echo "Number of entires returned is " . ldap_count_entries($ds, $sr) . "<br />";

    echo "Getting entries ...<p>";
    $info = ldap_get_entries($ds, $sr);
    echo "Data for " . $info["count"] . " items returned:<p>";

print_r($info);
//    for ($i=0; $i<$info["count"]; $i++) {
//        echo "dn is: " . $info[$i]["dn"] . "<br />";
//        echo "first cn entry is: " . $info[$i]["cn"][0] . "<br />";
//        echo "first email entry is: " . $info[$i]["mail"][0] . "<br /><hr />";
//    }

    echo "Closing connection";
    ldap_close($ds);

} else {
    echo "<h4>Unable to connect to LDAP server</h4>";
}
?>

标签: php ldap
举报
7条回答
手持菜刀,她持情操
2楼-- · 2020-02-09 08:12

What saved my day after reading and trying out solutions from allover the web and SO, was to use a ldaps uri without the port specified in it.

So instead of this: ldaps://example.com:636 I had to use this: ldaps://example.com and it now works like a charm.

I was setting this up on Ubuntu 16.04 with PHP7.3 runing through Nginx and php-fpm.

A full code example:

try{
    $ldapUri = "ldaps://example.com";
    $ldapUsername = 'username';
    $ldapPassword = 'password';
    $ldapConn = ldap_connect($ldapUri);
    if($ldapConn){
        ldap_set_option($ldapConn,LDAP_OPT_NETWORK_TIMEOUT,10);

        if(!ldap_set_option($ldapConn,LDAP_OPT_PROTOCOL_VERSION,3)){
           print 'Failed to set ldap protocol to version 3<br>';
        }
        ldap_set_option($ldapConn, LDAP_OPT_REFERRALS,0);
        $ldapBind = ldap_bind($ldapConn, $ldapUsername, $ldapPass);
        if ($ldapBind) {
           echo "LDAP bind successful...";
           //DO LDAP search and stuff
           ldap_unbind($ldapConn);
        } else {
           echo "LDAP bind failed...";
        }
    }
}catch(Exception $e){
    print($e->getMessage();
}
查看更多
0人赞 添加讨论(0) 举报
上一页 1 2
登录 后发表回答
相关问题
查看全部
相关文章
查看全部
收藏的人(6)