PHP ldap_bind() authentication – error Unable to bind to server: Invalid credentials

ldapPHP

I'm trying to authenticate a user with LDAP using PHP. I have the DN for the user which I have checked to be correct. I also have a password. This is the correct password for the user when they authenticate with SamAccountName.

I am hoping this is the password to use when authenticating with the DN. There isn't a Distinguished Name specific password for LDAP is there? The following is my code to authenticate using PHP's ldap_bind() function. Am I doing this correct?

$ldaphost="ldap://somehost.com:3268";
$dn = "cn=LastName\, FirstName Dept/Country/ext,OU=Accounts,OU=Location,ou=Division,";
$basedn="dc=abc,dc=enterprise";

if (!($connect = ldap_connect($ldaphost))) {    
  die ("Could not connect to LDAP server"); 
} 

$ldapbind = ldap_bind($connect, "$dn" . "$basedn", $password);

if ($ldapbind) {
   echo "LDAP bind successful...";
} else {
   echo "LDAP bind failed...";
}

The result I get from the above code is :

Warning: ldap_bind() [function.ldap-bind]: Unable to bind to server:
Invalid credentials LDAP bind failed…

From the line where ldap_bind() call is made:

$ldapbind = ldap_bind($connect, "$dn" . "$basedn", $password);

Invalid credentials makes me believe there is something wrong potentially with the DN or password. I have triple checked the DN and there is not an error there as far as I can see.

Any ideas?

Best Answer

I guess you are connecting to a Microsoft Domain, you can try the domain syntax for the credentials then. For User015 in DOMAIN - DOMAIN\user015

Related Solutions

Ldap_bind() ERROR

Is your server up? Verify that it is up by telneting to port 389 first. This looks like a server not running issue.

Php – Authenticating user with LDAP from PHP with only SamAccountName and Password

This works for me. I spent many a days trying to figure this one out.

<?php

//We just need six varaiables here
$baseDN = 'CN=Users,DC=domain,DC=local';
$adminDN = "YourAdminDN";//this is the admin distinguishedName
$adminPswd = "YourAdminPass";
$username = 'Username';//this is the user samaccountname
$userpass = 'UserPass';
$ldap_conn = ldap_connect('ldaps://yourADdomain.local');//I'm using LDAPS here

if (! $ldap_conn) {
        echo ("<p style='color: red;'>Couldn't connect to LDAP service</p>");
    }
else {    
        echo ("<p style='color: green;'>Connection to LDAP service successful!</p>");
     }
//The first step is to bind the administrator so that we can search user info
$ldapBindAdmin = ldap_bind($ldap_conn, $adminDN, $adminPswd);

if ($ldapBindAdmin){
    echo ("<p style='color: green;'>Admin binding and authentication successful!!!</p>");

    $filter = '(sAMAccountName='.$username.')';
    $attributes = array("name", "telephonenumber", "mail", "samaccountname");
    $result = ldap_search($ldap_conn, $baseDN, $filter, $attributes);

    $entries = ldap_get_entries($ldap_conn, $result);  
    $userDN = $entries[0]["name"][0];  
    echo ('<p style="color:green;">I have the user DN: '.$userDN.'</p>');

    //Okay, we're in! But now we need bind the user now that we have the user's DN
    $ldapBindUser = ldap_bind($ldap_conn, $userDN, $userpass);

    if($ldapBindUser){
        echo ("<p style='color: green;'>User binding and authentication successful!!!</p>");        

        ldap_unbind($ldap_conn); // Clean up after ourselves.

    } else {
        echo ("<p style='color: red;'>There was a problem binding the user to LDAP :(</p>");   
    }     

} else {
    echo ("<p style='color: red;'>There was a problem binding the admin to LDAP :(</p>");   
} 
?>

Related Topic

Php – Warning: ldap_bind(): Unable to bind to server: Invalid credentials PHP and LDAP