PHP LDAP 连接
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/9232950/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
PHP LDAP Connection
提问by JERC
I'm trying to connect in LDAP with php-ldap. I got a issue using ldap_bind():
我正在尝试使用 php-ldap 在 LDAP 中进行连接。我在使用时遇到问题ldap_bind():
$username = 'josue.ruiz';
$password = 'pass';
$ldapconfig['host'] = '10.10.10.11';
$ldapconfig['port'] = 389;
$ldapconfig['basedn'] = 'dc=domain,dc=com';
$ds=ldap_connect($ldapconfig['host'], $ldapconfig['port']);
ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
ldap_set_option($ds, LDAP_OPT_REFERRALS, 0);
$dn="cn=".$username.",ou=Technology,".$ldapconfig['basedn'];
if ($bind=ldap_bind($ds, $dn, $password)) {
echo("Login correct");
} else {
echo("Login incorrect");
}
I get this message:
我收到这条消息:
Warning: ldap_bind(): Unable to bind to server: Invalid credentials in ...
警告:ldap_bind():无法绑定到服务器:无效的凭据...
But when I try this way:
但是当我尝试这种方式时:
ldap_bind($ds,'[email protected]','pass');
It works fine, but to me it doesn't work because I want to filter by OU, and with this way I can't. Does anyone have any advice for this problem?
它工作正常,但对我来说它不起作用,因为我想过滤OU,而用这种方式我不能。有没有人对这个问题有任何建议?
回答by AlexC
When you are trying to do ldap_bindyou are only connecting and determining if the credentials validate. What you need to do is add your domain to the username and let it connect. Then if you want to determine if the user is the 'Technology' OU with ldap_search()Consider doing it like this:
当您尝试这样做时, ldap_bind您只是在连接并确定凭据是否有效。您需要做的是将您的域添加到用户名并让它连接。然后,如果您想确定用户是否是“技术”OU,ldap_search()请考虑这样做:
$domain = 'mydomain.com';
$username = 'josue.ruiz';
$password = 'pass';
$ldapconfig['host'] = '10.10.10.11';
$ldapconfig['port'] = 389;
$ldapconfig['basedn'] = 'dc=domain,dc=com';
$ds=ldap_connect($ldapconfig['host'], $ldapconfig['port']);
ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
ldap_set_option($ds, LDAP_OPT_REFERRALS, 0);
$dn="ou=Technology,".$ldapconfig['basedn'];
$bind=ldap_bind($ds, $username .'@' .$domain, $password);
$isITuser = ldap_search($bind,$dn,'(&(objectClass=User)(sAMAccountName=' . $username. '))');
if ($isITuser) {
echo("Login correct");
} else {
echo("Login incorrect");
}
