I am having trouble authenticating users with LDAP. I can authenticate users when I use "CN" or "givenName" but not when I use "samaccountname", which is the username. CN is just the first + last name.
Does anyone know why only CN and not samaccountname works?
$strUsername = "test";
$strPassword = "pass";
$dn = 'samaccountname=' . $strUsername . ',OU=Staff,DC=mydomain,DC=com';
$strDomain = "ldap://localhost/";
$bolAuth = false;
// connect to ldap server
$port = "389";
$objConn = ldap_connect($strDomain);
if ($objConn)
{
if ( $strPassword != null )
{
$bolAuth = ldap_bind($objConn, $dn, $strPassword);
if ( $bolAuth ) {
$search_id = ldap_search($objConn, "OU=Staff,DC=mydomain,DC=com", "(samaccountname=".$strUsername.")");
$entries = ldap_get_entries($objConn, $search_id);
if ($entries["count"] == 1) {
$first_name = $entries[0]["givenname"][0];;
$last_name = $entries[0]["cn"][0];
}
}
}
ldap_close($objConn);
}
if($bolAuth==false){
echo "fail";
return false;
}