Solved

Ldap_bind() always returning true

Posted on 2004-09-02
5
1,569 Views
Last Modified: 2012-06-21
I am currently attempting to tie in a ticket system (written in PHP) into Active Directory.  I am using the ldap functions of php for authentication in a modified "standard" login.php file.  Here is my code:

                $ldaphost1 = "ldap://dc1.xxxx.net";
                $ldaphost2 = "ldap://dc2.xxxx.net";
                $ldapdn = "cbuell@xxxx.net";
                $ldappwd = "mypassword";

                if (!($ds = ldap_connect($ldaphost1)) {
                         if(!($ds = ldap_connect($ldaphost2)) {
                                        echo "Cannot connect to the domain";
                         }
                }

                ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);

                $bind = ldap_bind($ds, $ldapdn, $ldappwd);

                if ($bind) {
                         echo "Bind completed";
                }
                else {
                         echo "Bind not completed";
                }


I believe the connection is performed correctly.  However, regardless of what incorrect username or password I use, I always get $bind = 1, or true.  I am unable to get a false return.

Anonymous bindings are set as default for Active Directory, in that they are allowed, but not able to perform any action.  Whenever I supply an incorrect password, though, I should get "Incorrect Credentials" as I do when I test the ldap connections with LDP.exe.

I am running PHP on OS X, although I have no idea if that is relevant (or the problem).

Any ideas as to what could be my problem?   Thanks for your time!


Chris

0
Comment
Question by:cbuell
  • 2
  • 2
5 Comments
 
LVL 26

Expert Comment

by:ushastry
ID: 11971510
Hi,

Please check out this..

http://bugs.php.net/bug.php?id=19520


Hope this Helps!
0
 

Author Comment

by:cbuell
ID: 11973731

Thanks for that link ushastry, I went and did some research on that.

From what I've read, there has been a work around for that for some time in which the ldap password is set to " " (a space) instead of an empty string.  Then it correctly invalidates the username/password.

Following that line of thought, I did go and double check that my password was being set, and was not an empty string.  Unfortunately, that seems to be working properly, so I'm still thinking I have a problem elsewhere?


Thanks for the help,

Chris
0
 
LVL 1

Accepted Solution

by:
iamtgo3 earned 500 total points
ID: 11978631
I realize this is not Active Directory but here is a similiar thing I wrote for Novell LDAP. Check it out it may help.

http://www.ipdg3.com/sourcecoderesults.php?option=search_sourcecode&sc=PHP_&ss=ldap&match=cp&offset=0

George - www.ipdg3.com
0
 

Author Comment

by:cbuell
ID: 11999575

I have solved my problem.

The problem was simply syntax.  The ldap_bind needed to be called as @ldap_bind.  I'm not sure why this is required, as sample code I looked at (thank you for your link, George) simply call ldap_bind.

I am giving the points to iamtgo3 because although his code used the function call without the "@", I was viewing his code when the thought occured to me.


Thanks for the help,

Chris
0
 
LVL 1

Expert Comment

by:iamtgo3
ID: 12006039
Thanks Chris glad I could help weather it was a small or big part of your solution. I am glad you have your question solved.

George - www.ipdg3.com
0

Featured Post

Live: Real-Time Solutions, Start Here

Receive instant 1:1 support from technology experts, using our real-time conversation and whiteboard interface. Your first 5 minutes are always free.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article will explain how to display the first page of your Microsoft Word documents (e.g. .doc, .docx, etc...) as images in a web page programatically. I have scoured the web on a way to do this unsuccessfully. The goal is to produce something …
Since pre-biblical times, humans have sought ways to keep secrets, and share the secrets selectively.  This article explores the ways PHP can be used to hide and encrypt information.
The viewer will learn how to dynamically set the form action using jQuery.
The viewer will learn how to create and use a small PHP class to apply a watermark to an image. This video shows the viewer the setup for the PHP watermark as well as important coding language. Continue to Part 2 to learn the core code used in creat…

785 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question