I'm trying to write some PHP to query an AD LDS/LDAP (2012 R2) instance and I can't get the thing to connect. I currently have it set up as an unencrypted connection (prod will be ssl/tls).
Current troubleshooting:
- I can connect to my LDAP instance via ldapsearch and perform queries
- I can connect via LDP on my windows boxes
- I can ping the LDAP server and telnet to the port from my nix box.
- Tried full rdn for the username
- Tried URI (ldap://ldapserver:50001 or passing the port as it's own var)
I've rewritten the code a million times thinking it was a syntax error of some sort or something not passing correctly. $ldapconn is returning "Resource id #2", which per the PHP manual appears to be correct. I'm stumped at this point. Is there any additional debugging I can turn on?
Here is the error it's kicking back:
Warning: ldap_bind(): Unable to bind to server: Can't contact LDAP server in /usr/share/nginx/html/logintest3.php on line 20
Here is the relevant code:
<?php
// all the debugging
ini_set('display_errors', 'On');
ldap_set_option(NULL, LDAP_OPT_DEBUG_LEVEL, 7);
$ldapuser = "ldapbind";
$ldappassword = "ldapbinder";
$ldapserver = "ldapserver";
$ldapport = 50001;
// connect to ldap server
$ldapconn = ldap_connect($ldapserver, $ldapport)
or die("Could not connect to $ldapserver");
// check if ldap_connect returned a resource value
if($ldapconn) echo "$ldapconn";
// attempting bind
$ldapbind = ldap_bind($ldapconn, $ldapuser, $ldappassword);
echo "Ldap connection debug: " . ldap_error($ldapconn) . "
";
?>
