We've finally set-up our server to accept ldap SSL connections thanks to another question answered by a helpful member.
Our problem now is that when attempting to bind to ldap using the below simple PHP script, we constantly fail. Binding using ldap instead of ldaps works just fine using the script so I know the ldap is enabled. The catcher is that while using LDP.exe, we can successfully connect and bind to ldap on port 636 using a secure connection.
The script we are failing with is below:
<?php
$ldap = ldap_connect("ldaps://localhost");
$username="user";
$password="pass";
if($bind = ldap_bind($ldap, $username,$password ))
echo "logged in";
else
echo "fail";
echo "<br/>done";
?>
We've also attempted inputting the username as "user@domain" or "domain/user" with no success. It seems I'm forever having LDAP/Cert questions. Our environment is Server 2008.
Best Answer
Finally found another piece of the solution while using PHP 7.x. Hope this helps someone else.
Thanks to reddit user gripejones here: https://www.reddit.com/r/PHPhelp/comments/3tykpc/php_7_and_ldap/
PHP 7 requires an environment variable (LDAPCONF) set to the location of your config file. It used to be that you could put the config file either in this folder C:\openldap\sysconf\ldap.conf or in C:\ldap.conf.
You don't need to copy the dll files as mentioned in step 2 here: http://greg.cathell.net/php_ldap_ssl.html
Make sure the reference to the ldap server is in the form ldaps://servername and that the server name is the same as the server name in the certificate (If it is xyzzy.company.com, then you need to use ldaps://xyzzy.company.com, do not use ldaps://xyzzy).
No need to include the port unless you are using a nonstandard ssl port.