I configured LDAP for SSL (LDAPS) on the Active Directory (AD) Domain Controller (DC).
The DC is a Windows 2003 Server box.
To do this I:
1) Setup the DC as a Certificate Authority (CA)
2) Issued a Certificate to itself
3) Issued a Certificate to the client that would be connecting via LDAPS
The client is configured in the following manner:
1) Windows 2003 Server Running IIS
2) PHP 5.0.4 installed
3) LDAP support enabled
- Uncommented the php_ldap.dll extension
- Copied the php_ldap.dll file into the appropriate directory
- Restarted IIS
Using the LDP tool, I was able to connect and bind via ports 389, 636, and 3269.
Here is the code I am using to attempt the bind:
<?php
$host = "ldaps://server.addomain.domain.com";
$un = "jdoe";
$pw = "password";
$lc = ldap_connect($host);
ldap_set_option($lc, LDAP_OPT_PROTOCOL_VERSION, 3);
ldap_set_option($lc, LDAP_OPT_REFERRALS, 0);
$lb = ldap_bind($lc, $un, $pw);
ldap_close($lc);
?>
If I change it to ldap://server.addomain.domain.com it functions correctly.
Is there a secure bind function I should know about?
Thanks for the help!
Phillip
