SSL ldap bind

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hello list

I am trying to do an ssl ldap bind to novell's edir 8.7.
I have followed the examples from http://us4.php.net/manual/en/function.ldap-connect.php I know these examples are for AD, but they should be close to the same.
I have exported the server cert and made the changes to ldap.conf. and restarted the ldap service 

from the command line on a linux box this works:
ldapsearch -H "ldaps://ldapserver" -x

but this does not
ldapsearch -H "ldaps://ldapserver"

and returns the error:
ldap_ssl_interactive_bind_s: Unknown authentication method (86)
additional info: SASL(-4): no mechanism available: No worthy mechs found if i run the above command with the debug option -d 16 it says something about supportedSASLMechanisms1...NMAS_LOGIN
notice that on the one that does not work i am not using the -x option. This option allows you todo simple authentication. 

In php i can do a bind on the normal port of 389, but anything on 636 fails.


$ldapserver="ldapserver";  //this works
$ldapserver="ldaps://ldapserver";  //this fails
$ldapserver="ldapserver:636";  //this fails

if (!($ldap = ldap_connect($ldapserver)))
{
  die ("Could not connect to LDAP Server: $server\n");
}
else {
  print "Connected\n";
}
if (!(ldap_bind($ldap, $bindUser,$bindPass)))
{
  die ("Unable to Bind");
}
else {
  print "Bound\n";
}
I am assuming the reason that it is failing is that i am getting that same SASL error. 

Is there anyway to make ldap_bind() use simple authentication??
I looked at ldap_set_option() and could not find anything about simple authentication. http://us4.php.net/manual/en/function.ldap-set-option.php This page has a link to: http://www.openldap.org/devel/cvsweb.cgi/~checkout~/doc/drafts/draft-ietf-ldapext-ldap-c-api-xx.txt This page says something about a constant value LDAP_SASL_SIMPLE. Is there anyway to configure this? 

I am using:
 PHP 4.3.3 --with-openssl --with-ldap=yes
 Apache 2.0
 Openldap
 OpenSSL 0.9.7b 10 Apr 2003


I have googled all over for this, any help would be appreciated.

Thanks,
Jason Motes

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[Index of Archives]     [PHP Home]     [Apache Users]     [PHP on Windows]     [Kernel Newbies]     [PHP Install]     [PHP Classes]     [Pear]     [Postgresql]     [Postgresql PHP]     [PHP on Windows]     [PHP Database Programming]     [PHP SOAP]

  Powered by Linux