I have code which added user to the ladp server in php
function ldapAddUser($ldap_conn, $ou_dn, $firstName, $lastName, $username, $pwdtxt, $email) {
$dn = "CN=$firstName $lastName," . $ou_dn;
$ldaprecord['givenName'] = $firstName;
$ldaprecord['sn'] = $lastName;
$ldaprecord['mail'] = $email;
$ldaprecord['objectclass'] = array("top", "person", "organizationalPerson", "user");
$ldaprecord["sAMAccountName"] = $username;
$ldaprecord["userprincipalname"] = $username . '@test.local';
$ldaprecord["UserAccountControl"] = "544";
$r = ldap_add($ldap_conn, $dn, $ldaprecord);
var_dump($r);
$encodedPass = array('userpassword' => "{SHA}" . base64_encode( sha1( $newPassw, TRUE ) ));
echo "Change password ";
if (ldap_mod_replace($ldap_conn, $dn, $encodedPass)) {
echo "succeded";
} else {
echo "failed";
}
$group_name = "CN=LDAP Testing,OU=Test,DC=test,DC=local";
$group_info['member'] = $dn;// User's DN is added to group's 'member' array
ldap_mod_add($ldap_conn,$group_name,$group_info);
}
**user will add successfully but after added user when I tried to login with that user it did not allow me to login and give error like **
Blockquote
Error Binding to LDAP: 80090308: LdapErr: DSID-0C0903C5, comment: AcceptSecurityContext error, data 52e, v23f0
for login
function login($username, $password) {
$ip = "XX.XX.XX.XX"; // WAN IP goes here;
$ldap_url = "ldap://$ip";
$ldaps_url = "ldaps://$ip";
$ldap_domain = 'test.local';
$ldap_dn = "dc=test,dc=local";
define('LDAP_OPT_DIAGNOSTIC_MESSAGE', 0x0032);
// Unsecure - WORKS
$ldap_conn = ldap_connect($ldap_url) or die("Could not connect to LDAP server ($ldap_url)");
ldap_set_option($ldap_conn, LDAP_OPT_PROTOCOL_VERSION, 3);
ldap_set_option($ldap_conn, LDAP_OPT_REFERRALS, 0);
echo $password;
$result = ldap_bind($ldap_conn, "$username@$ldap_domain", $password);
if (!$result) {
if (ldap_get_option($ldap_conn, LDAP_OPT_DIAGNOSTIC_MESSAGE, $extended_error)) {
echo "Error Binding to LDAP: $extended_error";
} else {
echo "Error Binding to LDAP: No additional information is available.";
}
}
}
but it will work if I will manually login into the interface with admin login and then reset the password for added user then user will successfully login with my login function .
Please provide suggestion if any one have idea
Thanks Pratik