Here is the scenario:
Active Directory Domain Controller named "bob"
bob is on the test.int domain
Linux Enterprise 3.0 server named "project" (not on the test.int domain)
I have a script on "project" that connects to the Active Directory on "bob" using ldap_connect, ldap_bind, etc...
A portion of the script is:
echo "<h3>LDAP query test</h3>\n";
echo "Connecting...";
// using ldap bind
$ldapdomainNB = 'test.int';
$ldaprdn = 'admin'; // ldap rdn or dn (i.e., username)
$ldappass = 'somepass'; // associated password
$ds=ldap_connect("ldaps://
bob's ip/"); // must be a valid LDAP server!
echo "OK. Connect result is " . $ds . "\n";
EVERYTHING IS FINE TILL THIS PART...
if ($ds) {
ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION,
3);
# In order to perform the searches on Windows 2003 Server Active Directory you have to set the LDAP_OPT_REFERRALS option to 0:
ldap_set_option($ds, LDAP_OPT_REFERRALS, 0);
# Without this, you will get "Operations error" if you try to search the whole AD schema (using root of the domain as a $base_dn).
# As opposed to Windows 2000 Server, where this option was optional and only increased the performance.
echo "Binding...";
$r=ldap_bind($ds, $ldapdomainNB.'\\'.$ldaprd
n, $ldappass)
# $r=ldap_bind($ds) // this is an "anonymous" bind, typically
or exit(">>Could not bind to ldap host<<\n"); // read-only access
echo "OK\n";
Here is the problem... IF I run this script - we'll call it ldap_test.php, from the browser - it gives a "page cannot be displayed"...
HOWEVER, if I go into the command line on the linux server and type: php ldap_test.php it is able to bind and goes through the rest of the script and gives my results.
WHY can I not do this through the browser? Why does it only work if I run the script via linux command line? Has anybody run into this before and if so, any suggestions?
Thanks,
RIch
Start Free Trial
