无法联系ldap_bind上的LDAP服务器（$ con，$ rdn，$ pwd）

for a while now i'm fiddling around with an LDAP connection to an Active Directory Server for authentication. I tried this the PHP native way and also using Zend Framework. Even though the ldap_connect() works fine, as soon as i bind something, the ldapConnection appears to break down. This is the script i've tried

error_reporting(E_ALL | E_STRICT);
putenv('LDAPTLS_REQCERT=never');

$ldapcon = ldap_connect("FQSN", 636);

ldap_set_option($ldapcon, LDAP_OPT_PROTOCOL_VERSION, 3);
ldap_set_option($ldapcon, LDAP_OPT_REFERRALS, 0);

$anon = ldap_bind($ldapcon, "CN=WebTestuserAW,OU=Benutzer,OU=DOM,DC=dom,DC=de", "Sommer2012");
//also tried: 
//$anon = ldap_bind($ldapcon, 'WebTestuserAW@dom.de', 'Sommer2012');

echo ldap_error($ldapcon);

Using the above i get Can't contact LDAP server. Doing a var_dump($ldapcon) returns a resource link. When trying to connect using the Zend Framework approach, the error may have some more hints, since some additional connection parameters are given

2012-11-12T14:37:39+01:00 DEBUG (7): Ldap: 1: host=FQHN,port=636,bindRequiresDn=1,baseDn=OU=Benutzer,OU=DOM,DC=dom,DC=de,accountFilterFormat=(sAMAccountName=%s),useSsl=1,useStartTls=,accountDomainName=dom.de,username=CN=WebTestuserAW,password=*****
2012-11-12T14:37:39+01:00 DEBUG (7): Ldap: 2: /var/www/html/login/library/Zend/Ldap.php(850): 0x1: Failed to retrieve DN for account: stosic@dvv.de [0x51 (Can't contact LDAP server): ldaps://FGHN:636]
2012-11-12T14:37:39+01:00 DEBUG (7): Ldap: 3: #0 /var/www/html/login/library/Zend/Auth/Adapter/Ldap.php(316): Zend_Ldap->bind('username@dom.de', '*****')

I seriously just have no clue anymore. I've googled around, played a bit with LDAP-Protocol Versions, played around with the request certificate option, but simply nothing helps. The connection to the server works per se on ldap_connect but as soon as you bind something it doesn't work anymore. This remains true for anonymous binds, too.

At office no one has any clue and neither do i. So if anyone has any suggestions on what i can still try, i'd be very greatful for that! Thanks in advance.

Additional information:

Server LDAP Config:
- LDAP Support enabled
- RCS Version $Id: ldap.c 299434 2010-05-17 20:09:42Z pajoye $
- Total Links 0/unlimited
- API Version 3001
- Vendor Name OpenLDAP
- Vendor Version 20343
- SASL Support Enabled
Both ldap:// and ldaps:// has been tested
ldap_connect() returns a resource link
ldap_bind() doesn't work, ldap_errno() returns -1 (Can't connect to LDAP Server)
LDAPTLS_REQCERT and TLS_REQCERT

写回答
好问题 0 提建议
追加酬金
关注问题
分享
邀请回答
编辑收藏删除结题
收藏举报

1条回答

关注

码龄粉丝数原力等级 --

被采纳

被点赞

采纳率
dongxieyi9115 2012-11-12 14:57
关注
By default, ldaps is not enabled in AD. Did you try connecting over port 389? Are you able to connect to it using some LDAP tool (like Apache Directory Studio)?

That's my guess as to why it's not working... but try using the FQDN of the DC too, or maybe even an IP.

解决无用
评论打赏
分享
举报

评论

按下Enter换行，Ctrl+Enter发表内容

报告相同问题？

关注问题

LDAP问题，ldap_bind无效的dn语法 php
2012-11-21 05:55

回答 2 已采纳 As stated in the error, your bind DN is the wrong format. DN's represent the full path to the obje
ldap_search返回空数组 php
2019-01-25 14:27

回答 1 已采纳 Finally found the culprit: in PHP code, I supplied my server address as "ldap://xx.xxxx.xx" which
ldap_add（）：添加：推荐 php
2018-10-31 09:32

回答 1 已采纳 Referrals can be returned if you are talking to a slave LDAP server (essentially a read-only copy
php ldap modify,PHP ldap_mod_add 用法手册 | 示例代码
2021-04-28 05:20

久果樱杏的博客 Using PHP 4.2.3 with IIS 5 and Win2k Server. My confs are:$ldap_srvr = 'servername' ;...$ldap_con = ldap_connect($ldap_srvr, $ldap_port);$ldap_rdn = "username";$ldap_pwd = "__password__...
php中的ldap_add返回“已存在68”错误 php
2015-09-18 06:46

回答 1 已采纳 I might be wrong, but from what I read in your code you have an entry OU=Advertising,OU=EmailDepar
Go cgo ldap_init无法确定C.ldap_init的名称种类
2016-02-08 06:22

回答 1 已采纳 I would start by getting the basics of Go and cgo working before adding the individual peculiariti
PHP LDAP，ldap_search只返回少数用户 php
2017-03-06 15:55

回答 1 已采纳 try to play with the scope (it can be sub, one, or base), if you want all entries from child OUs,
python 用户认证_Python使用LDAP做用户认证的方法
2020-12-11 07:56

weixin_39960503的博客 LDAP(Light Directory Access Portocol)是轻量目录访问协议，基于X.500标准，支持TCP/IP。LDAP目录以树状的层次结构来存储数据。每个目录记录都有标识名(Distinguished Name，简称DN)，用来读取单个记录，一般是这样...
LDAP - 服务器A - >服务器B - > LDAP php
2018-06-12 15:44

回答 1 已采纳 System specific ... httpd_can_connect_ldap (seen through getsebool -a | grep http | grep ldap for
PHP LDAP克服大小限制 php
2014-07-23 14:33

回答 1 已采纳 According to php.net/manual/...ldap-search, you should set the $sizelimit parameter to 0 to disab
无法在新的PHP IIS服务器上启用LDAP扩展 php
2016-08-03 13:27

回答 2 已采纳 OK, I have resolved this, been away for a week, came back to look at it again... Turns out at the
Hyperf连接LDAP服务
2022-10-13 10:35

三杯不过岗的博客 Hyperf下连接LDAP服务，容器环境是PHP8.0
PHP组的LDAP成员 php windows
2016-05-13 11:37

回答 1 已采纳 You might want to have a look at this stack-overflow question to see how to solve it without a lib
python ldap3获取所有用户信息_Python使用LDAP做用户认证的方法
2020-12-02 22:29

weixin_39968722的博客 LDAP(Light Directory Access Portocol)是轻量目录访问协议，基于X.500标准，支持TCP/IP。LDAP目录以树状的层次结构来存储数据。每个目录记录都有标识名(Distinguished Name，简称DN)，用来读取单个记录，一般是这样...
Spring-LDAP 服务部署和连接实战
2019-06-08 19:25

开心自由天使的博客安装部署openldap ldap-admin more start-openldap-docker.sh #!/bin/bash #https://github.com/osixia/docker-openldap docker stop openldap docker rm openldap docker run -d \ --privileged=true \ --name...
没有解决我的问题, 去提问

悬赏问题

¥20 关于#qt#的问题：Qt代码的移植问题
¥50 求图像处理的matlab方案
¥50 winform中使用edge的Kiosk模式
¥15 关于#python#的问题：功能监听网页
¥15 怎么让wx群机器人发送音乐
¥15 fesafe材料库问题
¥35 beats蓝牙耳机怎么查看日志
¥15 Fluent齿轮搅油
¥15 八爪鱼爬数据为什么自己停了
¥15 交替优化波束形成和ris反射角使保密速率最大化