我正在尝试使用PHP进行LDAP身份验证 以下是我的代码:
<?php
$ldaphost = 'ldap://ldapServer';
$ldapport = 389;
$ds = ldap_connect($ldaphost, $ldapport)
or die("Could not connect to $ldaphost");
ldap_set_option($ldapconn, LDAP_OPT_PROTOCOL_VERSION, 3);
ldap_set_option($ldapconn, LDAP_OPT_REFERRALS, 0);
//ldap_set_option($ds, LDAP_OPT_DEBUG_LEVEL, 7);
if ($ds)
{
$username = "testuser@domain.com";
$upasswd = "testpass";
$ldapbind = ldap_bind($ds, $username, $upasswd);
if ($ldapbind)
{print "Congratulations! $username is authenticated.";}
else
{print "Access Denied!";}
}
?>
但它引发了以下错误:
PHP警告:
ldap_bind():无法绑定到服务器:无法联系LDAP服务器
任何想法,我怎么能解决它?
注意:当我在某个论坛上遇到这个词时,我们是否需要ldap.config个文件。我的机器上没有看到任何这样的文件。我在ext文件夹中使用php_ldap.dll并使用Windows。
答案 0 :(得分:2)
答案 1 :(得分:0)
我猜ldap_connect()不需要协议,所以这个天真的补丁应该可以解决你的问题:
--- ldap.php.bak 2012-09-04 10:52:29.563203493 +0200
+++ ldap.php 2012-09-04 10:52:46.807203766 +0200
@@ -1,6 +1,6 @@
<?php
-$ldaphost = 'ldap://ldapServer';
+$ldaphost = 'ldapServer';
$ldapport = 389;
$ds = ldap_connect($ldaphost, $ldapport)
查看官方文档中的basic example。
答案 2 :(得分:0)
我们在本地网络中证明了它并且运行良好。例如,如果您使用带有Zentyal的Ldap,请转到https://serveriporname/Users/Composite/Settings,然后选择它在“用户DN”中提供的选项,以便您获取我们将调用$userdns的地址,您可以证明以下代码< / p>
<?php
//The variables are implicit
$ad = ldap_connect($ldap_server) ; //Ex: 10.0.0.1
ldap_set_option($ad, LDAP_OPT_PROTOCOL_VERSION, 3) ;
//Using the provided user and password to login into LDAP server.
//For the dc, normally will be the domain.
$sr=ldap_search($ad, $userdns, "cn=*usuario*");
$info = ldap_get_entries($ad, $sr);
for ($i=0; $i<$info["count"]; $i++) {
/*Print out the user information here. If you rather to request by other field than cn take its name from here*/
print_r($info[$i]);
echo "<p><hr/></p>";
}
$ds = ldap_bind($ad,"uid=$ldap_user,$userdns",$ldap_pass);
if($ds){
echo "<h4>$ldap_user connect to LDAP server \"$ldap_domain\"</h4>";
} else {
echo "<h4>Unable to connect to LDAP server</h4>";
}
ldap_close($ad);
?>
答案 3 :(得分:0)
就像Minras所说,你对错误的凭据有约束力。尝试这样的事情:
$ldaprdn = 'cn=binder,dc=domain,dc=com'; // ldap rdn or dn or proxy agent or admin
$ldappass = 'password'; // associated password
// connect to ldap server
$ldapconn = ldap_connect("54.85.xx.xx")
or die("Could not connect to LDAP server.");
// Set some ldap options for talking to
ldap_set_option($ldapconn, LDAP_OPT_PROTOCOL_VERSION, 3);
ldap_set_option($ldapconn, LDAP_OPT_REFERRALS, 0);
if ($ldapconn) {
// binding to ldap server
$ldapbind = @ldap_bind($ldapconn, $ldaprdn, $ldappass);
// verify binding
if ($ldapbind) {
echo "Done..\n</h1>";
} else {
echo "Damn you LDAP...\n";
}
}
答案 4 :(得分:0)
我不确定你是否仍然需要答案,但我想从我的经验中添加一些内容。
$username = 'bentcoder';
$password = '123123';
$server = '192.168.32.4';
$domain = '@yourdomain.com';
$port = 389;
$ldap_connection = ldap_connect($server, $port);
if (! $ldap_connection)
{
echo '<p>LDAP SERVER CONNECTION FAILED</p>';
exit;
}
// Help talking to AD
ldap_set_option($ldap_connection, LDAP_OPT_PROTOCOL_VERSION, 3);
ldap_set_option($ldap_connection, LDAP_OPT_REFERRALS, 0);
$ldap_bind = @ldap_bind($ldap_connection, $username.$domain, $password);
if (! $ldap_bind)
{
echo '<p>LDAP BINDING FAILED</p>';
exit;
}
// You can work now!!!
ldap_close($ldap_connection);
备注:
php_ldap扩展名。
[延长= php_ldap.dll] <强>参考文献: