lonewolf217 Posted July 11, 2008 Share Posted July 11, 2008 I am trying to create a very simple login page and I am having a little difficulty with authenticating $ldap['user'] = $_POST['username']; $ldap['pass'] = $_POST['userpass']; $ldap['host'] = 'dcserver.com'; $ldap['port'] = 389; $ldap['dn'] = 'DC=domain,DC=com'; $ldap['base'] = 'CN=Users,DC=domain,DC=com'; // connecting to ldap $ldap['conn'] = ldap_connect( $ldap['host'], $ldap['port'] ) or die( 'Could not connect to server'); // binding to ldap $ldap['bind'] = ldap_bind( $ldap['conn'], $ldap['dn'], 'password' ); if( !$ldap['bind'] ) { echo ldap_error( $ldap['conn'] ); exit; } // search for the user on the ldap server and return all // the user information $ldap['result'] = ldap_search( $ldap['conn'],'','(cn='.$ldap['user'].')'); This is basically the beginning of the code up to the search. The problem is that the user will login using the alias, but the only thing that I can successfully search on so far is the distinguished name. i.e. the user is John Doe with a login of jdoe. I can successfully find the user if i use $ldap['result'] = ldap_search( $ldap['conn'], $ldap['base'],'(CN=John Doe'); but I cannot figure out how to map the login "jdoe" to the DN "John Doe". What am i missing ? Link to comment https://forums.phpfreaks.com/topic/114282-solved-problems-with-ldap-query/ Share on other sites More sharing options...
rhodesa Posted July 11, 2008 Share Posted July 11, 2008 for the ldap_bind, you need the person's unique DN, which usually looks something like uid=jdoe,DC=domain,DC=com what are you dealing with for $_POST['username']? is it "John Doe" or jdoe? also, if you run this, what is the output? <?php $ldap['host'] = 'dcserver.com'; $ldap['port'] = 389; $ldap['dn'] = 'DC=domain,DC=com'; $ldap['base'] = 'CN=Users,DC=domain,DC=com'; $ldap['conn'] = ldap_connect( $ldap['host'], $ldap['port'] ) or die( 'Could not connect to server'); $ldap['bind'] = ldap_bind( $ldap['conn'] ) or die(ldap_error( $ldap['conn'] )); $ldap['result'] = ldap_search( $ldap['conn'],$ldap['base'],'(cn=John Doe)'); print 'DN: '.ldap_get_dn($ldap['conn'],ldap_first_entry($ldap['result'])); ?> Link to comment https://forums.phpfreaks.com/topic/114282-solved-problems-with-ldap-query/#findComment-587667 Share on other sites More sharing options...
lonewolf217 Posted July 11, 2008 Author Share Posted July 11, 2008 unfortunetly the $_POST['username'] would always be "jdoe" but the DN looks like CN=John Doe,DC=company,DC=com Link to comment https://forums.phpfreaks.com/topic/114282-solved-problems-with-ldap-query/#findComment-587673 Share on other sites More sharing options...
rhodesa Posted July 11, 2008 Share Posted July 11, 2008 ok...no problem...a couple questions... 1) Can you anonymously bind to the LDAP directory? If you can run the ldap_bind() with no user/pass, then this means yes. 2) What attribute field is the 'jdoe' username stored in? Link to comment https://forums.phpfreaks.com/topic/114282-solved-problems-with-ldap-query/#findComment-587676 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.