On 3/4/06, jblanchard@xxxxxxxxxx <jblanchard@xxxxxxxxxx> wrote:
> [snip] I vaguely recall you couldn't do an anonymous bind to an active
> directory system - you had to properly authenticate before you could do
> a search.
>
> You didn't include the bind stuff so I can't tell if that's the problem
> :)
> [/snip]
>
> I thought that I was not doing an anonymous bind, until I changed the
> username to something that I know did not exist. The bind occurred (or
> appeared to) anyhow.
>
> if(!$ds=ldap_connect("foo")){
> echo "did not connect";
> }else {
> echo "connection successful";
> }
> $un = "user";
> $upw = "pass";
> echo "connect result is " . $ds . "<br />";
> ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
> ldap_set_option($ds, LDAP_OPT_REFERRALS, 0);
>
> if ($ds) {
> echo "Binding ...";
> if(!$r=ldap_bind($ds, $un, $upd)){
> echo "unable to verify</br>";
> }else{
> echo "verified<br>";
> }
>
> The result is always "verified".
>From the comments on www.php.net/ldap_bind:
I have found that if either of the valuse for user or password are
blank, or as in my case a typo resulted in a blank user as it was an
undefined variable, the ldap_bind() will just perform an anonymous
bind and return true!
You have:
$upw = "pass";
but using $upd in ldap_bind ...
if(!$r=ldap_bind($ds, $un, $upd)){
unless it's a typo in your example that could explain it. ?
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
