Page 5 of 12 First ... 34567 ... Last
  • Jump to page:
    #61
  1. Psycho Canadian
    Devshed Demi-God (4500 - 4999 posts)

    Join Date
    Jan 2001
    Location
    Canada
    Posts
    4,846
    Rep Power
    635
    After reading a TON of info on PHP and ldap I believe our problem is that PHP LDAP doesn't support SSL

    I could be totally wrong but from what I read here it appears for now PHP is based off LDAP v.2 not v.3 thus no SSL support.

    The current version of PHP is 4.0.6, and its LDAP support is built on the Netscape or OpenLDAP libraries. Again, however, its LDAP support is mostly v2 based (although LDAP controls are supported as of 4.0.4 with the OpenLDAP libraries) and thus will not support SSL sessions and other v3 functionality, even if the C library supports them. You'll want to look at the PHP web page (http://www.php.net) for details on the LDAP calls themselves.
  2. #62
  3. Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Aug 2003
    Location
    San Angelo, Texas (USA)
    Posts
    286
    Rep Power
    14
    But it says the current version of PHP is v4.0.6. Of course, PHP is much newer than that, and with that, I wonder if LDAP has also been upgraded/improved...

    I'll do a little research too.
  4. #63
  5. Psycho Canadian
    Devshed Demi-God (4500 - 4999 posts)

    Join Date
    Jan 2001
    Location
    Canada
    Posts
    4,846
    Rep Power
    635
    I'm using PHP 5RC3 and it still defaults to version 2 unless you specificly say otherwise. So it'd appear to me that it hasn't yet, but please another person searching would help . Also this is kinda helpfull to me, even though I'm not needing it right now in the future I need PHP to support SSL.
  6. #64
  7. Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Aug 2003
    Location
    San Angelo, Texas (USA)
    Posts
    286
    Rep Power
    14
    SSL must be supported, because PHP.net says to copy libeay32.dll and ssleay32.dll to the system folder of a Windows server (which I have). http://www.php.net/manual/en/ref.ldap.php This leads me to believe LDAP in PHP supports SSL.

    Also, v3 supports SSL, and you can set the version with ldap_set_option($connection, LDAP_OPT_PROTOCOL_VERSION, 3).
    Last edited by MatthewClark; June 21st, 2004 at 08:22 PM.
  8. #65
  9. Psycho Canadian
    Devshed Demi-God (4500 - 4999 posts)

    Join Date
    Jan 2001
    Location
    Canada
    Posts
    4,846
    Rep Power
    635
    Yep version 3 does support SSL, but if you atttempt to connect to ldaps:// it always errors this shouldn't happen.
  10. #66
  11. Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Aug 2003
    Location
    San Angelo, Texas (USA)
    Posts
    286
    Rep Power
    14
    I'm gonna try this: use exec() with the stringconverter utility to get my password.

    Also, when using the ldp.exe utility in the Windows Support tools, I found that you cannot modify unicodePwd through the GC port 3269. PHP won;t tell you this - all it says is "Unwilling to perform". The ldp.exe utility will tell you exactly why...

    I will try using the stringconverter and exec(), and we'll see what happens...
  12. #67
  13. Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Aug 2003
    Location
    San Angelo, Texas (USA)
    Posts
    286
    Rep Power
    14
    I forgot - exec() and system() never work. They always belch out "Unable to fork" errors.
  14. #68
  15. Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Aug 2003
    Location
    San Angelo, Texas (USA)
    Posts
    286
    Rep Power
    14

    Angry


    Well, as I have been for the past several weeks, I seem to be wasting time because nothing works. There is NOTHING on the 'net about this, and LDP.exe is no help either. All we ever get is "Unwilling to perform", no matter what.

    I'm going to give up for now - I've done all I can do with no tangable results. I will keep monitoring this thread, though...
  16. #69
  17. Psycho Canadian
    Devshed Demi-God (4500 - 4999 posts)

    Join Date
    Jan 2001
    Location
    Canada
    Posts
    4,846
    Rep Power
    635
    Well it's been fun spamming this thread with you . I got to get SSL working with LDAP for a project now so I'm going to work on this. Currently looking at the PHP source and going to try to track it from there.
  18. #70
  19. Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Aug 2003
    Location
    San Angelo, Texas (USA)
    Posts
    286
    Rep Power
    14
    Alright...good luck. I'll be watching this one...
  20. #71
  21. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jun 2004
    Location
    Greenock, Scotland
    Posts
    5
    Rep Power
    0

    Talking


    I can now reset Domain Password in Active Directory
    But only to a default Password (which i can change at regular intervals with Stringconverter)
    here is the code i used!
    PHP Code:
    <?php 

        session_start
    ();

        
    // is this user authenticated, let them access this page?
        
    if(!isset($_SESSION["user"]) || $_SESSION["user"]=="")
        {
                
    printf("You are not an authenticated user");
                
    // nope, bail.
                
    exit();
        }

    $dn urldecode($_GET['dn']);
    $entry "dn: ".$dn."\nchangetype: modify\nreplace: unicodePwd\nunicodePwd::IgBuAGUAdwBQAGEAcwBzAHcAbwByAGQAIgA=\n-\n";
    $fp fopen("c:\\chPwd.ldif""w");
    echo 
    $entry;
    echo 
    "<br>";
    fputs($fp$entry);
    fclose($fp);

    $sys=system("ldifde -i -f c:\chPwd.ldif -t 636 -s fsstudent -b ".$_SESSION['login']." college.jameswatt.ac.uk ".$_SESSION["pass"]."");
    ?>
    what this page (chpass3.php)does is take the dn from the URL given by the last page & then uses ldifde to reset the users password to , in this case "newPassword"
    but u can use stringconvertor to change this to anything you want!
    I'm fairly new to php but my background is in Active Directory (MCSE/MCSA)
    this does work.. email me if you need more info!
    soon i'll put together a Tutorial for all the newguy & stick it on here!
    Cheers
    Wullie
  22. #72
  23. Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Aug 2003
    Location
    San Angelo, Texas (USA)
    Posts
    286
    Rep Power
    14
    Well, then take the password from a form and write it to the file chPwd.ldif. That say you're not stuck with using the same ol' password. I considered doing this exact yesterday, but never tried it...
  24. #73
  25. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jun 2004
    Location
    Greenock, Scotland
    Posts
    5
    Rep Power
    0
    like i said i'm newish to PHP

    The Original Idea was to reset it to their Date of Birth which is kept in active directory but i can't get it change from dateofbirth to unicode
    And after speaking to my Boss he has settled with the idea of reseting it to a generic password that is changed every day or so!(using Stringconverter)

    i've learned a lot from this thread alone thanks to both Viper_SB & Matthew Clark
    Cheers Lads!
  26. #74
  27. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jul 2004
    Posts
    1
    Rep Power
    0

    Microsoft Knowledge Base Article - 269190


    Hi,

    Maybe this article could shed some light ?

    How To Change a Windows 2000 User's Password Through LDAP
  28. #75
  29. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Aug 2004
    Posts
    3
    Rep Power
    0

    IS SSL a MUST for Active directory access??


    Hi,

    I am trying to create user acct in Active Directory LDAP server frm=om a JAVA application.

    1) Is SSL a must??
    2) how come i am able to create users with setting password over a non-SSL mode from a java app?
    3) how come i am able to create accts with password from C++ apps??

    Is there a clear document from MSFT on SSL requirements for ADS access to create user accts from C++/Java apps.

    Anita
Page 5 of 12 First ... 34567 ... Last
  • Jump to page:

IMN logo majestic logo threadwatch logo seochat tools logo