Re: LDAP confusion

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 3/4/06, jblanchard@xxxxxxxxxx <jblanchard@xxxxxxxxxx> wrote:
> [snip] I vaguely recall you couldn't do an anonymous bind to an active
> directory system - you had to properly authenticate before you could do
> a search.
>
> You didn't include the bind stuff so I can't tell if that's the problem
> :)
> [/snip]
>
> I thought that I was not doing an anonymous bind, until I changed the
> username to something that I know did not exist. The bind occurred (or
> appeared to) anyhow.
>
> if(!$ds=ldap_connect("foo")){
>         echo "did not connect";
> }else {
>         echo "connection successful";
> }
> $un = "user";
> $upw = "pass";
> echo "connect result is " . $ds . "<br />";
> ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
> ldap_set_option($ds, LDAP_OPT_REFERRALS, 0);
>
> if ($ds) {
>    echo "Binding ...";
>    if(!$r=ldap_bind($ds, $un, $upd)){
>         echo "unable to verify</br>";
>    }else{
>         echo "verified<br>";
>    }
>
> The result is always "verified".

>From the comments on www.php.net/ldap_bind:

I have found that if either  of the valuse for user or password are
blank, or as in my case a typo resulted in a blank user as it was an
undefined variable, the ldap_bind() will just perform an anonymous
bind and return true!


You have:
$upw = "pass";

but using $upd in ldap_bind ...

if(!$r=ldap_bind($ds, $un, $upd)){

unless it's a typo in your example that could explain it. ?

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php



[Index of Archives]     [PHP Home]     [Apache Users]     [PHP on Windows]     [Kernel Newbies]     [PHP Install]     [PHP Classes]     [Pear]     [Postgresql]     [Postgresql PHP]     [PHP on Windows]     [PHP Database Programming]     [PHP SOAP]

  Powered by Linux