Thread: php2ldap

    #1
  1. No Profile Picture
    Junior Member
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jun 2003
    Posts
    6
    Rep Power
    0

    php2ldap


    Hey all,

    I try to connect to openLDAP with PHP, but I get the following error:

    Warning: LDAP: Unable to bind to server: Protocol error in /usr/local/httpd/htdocs/testdomain/connect_anonym.php on line 12
    anonymes LDAP bind fehlgeschlagen...

    Can anyone help me?

    Should I change something in the slapd.conf?
    When I open the phpinfo, LDAP is present:
    LDAP Support enabled
    RCS Version $Id: ldap.c,v 1.82.4.2 2001/05/30 21:18:17 rasmus Exp $
    Total Links 0/unlimited
    API Version 2004

    Thanx bye...

    My System: Apache/1.3.19 (Unix) (SuSE/Linux) PHP/4.0.6
    and I use openLDAP 2.1.22

    Here my connect file:
    <?php

    //verwenden von anonymen ldap bind

    // verbinden zum ldap server
    $ldapconn = ldap_connect("localhost", 389)
    or die("Could not connect to LDAP server.");

    if ($ldapconn) {

    // anonymes binding
    $ldapbind = ldap_bind($ldapconn);

    if ($ldapbind) {
    echo "anonymes LDAP bind erfolgreich...";
    } else {
    echo "anonymes LDAP bind fehlgeschlagen...";
    }

    }
    ?>

    When I only try the connet there are no errors!

    Here the LDAP Debug:

    do_bind
    ber_scanf fmt ({imt) ber:
    ber_scanf fmt (m}) ber:
    >>> dnPrettyNormal: <>
    <<< dnPrettyNormal: <>, <>
    do_bind: version=2 dn="" method=128
    send_ldap_result: conn=2 op=0 p=2
    send_ldap_response: msgid=1 tag=97 err=2
    ber_flush: 52 bytes to sd 7
    connection_get(7): got connid=2
    connection_read(7): checking for input on id=2
    ber_get_next
    ber_get_next: tag 0x30 len 5 contents:
    ber_get_next
    ber_get_next on fd 7 failed errno=0 (Success)
    connection_read(7): input error=-2 id=2, closing.
    connection_closing: readying conn=2 sd=7 for close
    connection_close: deferring conn=2 sd=7
    do_unbind
    connection_resched: attempting closing conn=2 sd=7
    connection_close: conn=2 sd=7
  2. #2
  3. Psycho Canadian
    Devshed Demi-God (4500 - 4999 posts)

    Join Date
    Jan 2001
    Location
    Canada
    Posts
    4,846
    Rep Power
    635
    Your code is fine, I tested it and it worked. The only thing that comes to mind is that it can't find the server, ie localhost.

    When I only try the connect there are no errors!
    This is because the connect function doesn't really connect to the server, it just creates a resource. There is no connection attempt until you do ldap_bind() then it checks the server.

    Another thing it could be that anonymous bind isn't allowed.

    So try your IP first if that still doesn't work, try something like this from your terminal:
    ldapsearch -x -s base -b "dc=udb,dc=fam" "objectClass=*"

    This should display something, if it does it means anonymous access is allowed and your server is running, if it errors or can't connect or something, then something else is wrong.
  4. #3
  5. No Profile Picture
    Junior Member
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jun 2003
    Posts
    6
    Rep Power
    0
    Hey,

    with the command:
    ldapsearch -x -s base -b "dc=udb,dc=fam" "objectClass=*"

    I get the result:
    version: 2

    #
    # filter: objectClass=*
    # requesting: ALL
    #

    # my-domain,dc=com
    dn: dc=my-domain,dc=com
    objectClass: dcObject
    objectClass: organization
    o: my-domain
    dc: my-domain

    # search result
    search: 2
    result: 0 Success

    # numResponses: 2
    # numEntries: 1

    So I think that is OK!

    Now I tried this:
    (and set in the slapd.conf: allow bind_v2)

    The bind is successful, but in the LDAP Log the error:
    ber_get_next on fd 7 failed errno=11 (Resource temporarily unavailable)
    do_unbind

    IŽam disperated!

    Joe


    <?php
    // get a connection
    $ldap=ldap_connect("localhost", 389);
    // check to see if we got one, if we did, proceed
    if($ldap)
    {
    if(!$passWord)
    {
    // generate a bogus password to pass if the user doesn't give us one
    // this gets around systems that are anonymous search enabled
    $passWord = crypt(microtime());
    }
    }

    echo "connect: ".$ldap."<p>";
    $ldapbind = ldap_bind($ldap);
    echo "bind: " .$ldapbind."<p>";
    //$sr=ldap_search($ldap,"dc=my-domain, dc=com", "(cn=Keith)" );
    // echo "Search result is ".$sr."<p>";
    // using ldap bind
    $ldaprdn = "cn=Manager,dc=my-domain,dc=com"; // ldap rdn or dn
    $ldappass = "secret"; // associated password

    // connect to ldap server
    $ldapconn = ldap_connect("localhost", 389)
    or die("Could not connect to LDAP server.");

    if ($ldapconn) {

    // binding to ldap server
    $ldapbind = ldap_bind($ldapconn, $ldaprdn, $ldappass);

    // verify binding
    if ($ldapbind) {
    echo "LDAP bind successful...";
    } else {
    echo "LDAP bind failed...";
    }

    }

    $sr1=ldap_search($ldap,"dc=my-domain, dc=com", "(mail=root*)" );
    echo "Search result is ".$sr1."<p>";
    ?>
  6. #4
  7. Psycho Canadian
    Devshed Demi-God (4500 - 4999 posts)

    Join Date
    Jan 2001
    Location
    Canada
    Posts
    4,846
    Rep Power
    635
    Like I said your code looks fine and your server is running anonymous access is allowed but it seems PHP can't bind to it, did you try putting the IP in instead of localhost?

    Resource temporarily unavailable that would normally mean the server isn't running (but it is if ldap_search worked) or something can't access it properly.
  8. #5
  9. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Aug 2004
    Posts
    1
    Rep Power
    0
    I had a similar problem. In the end it turned out that I used the wrong LDAP version (2) when instead I had to do an LDAP Bind with v3 of the protocol

    Cheers
    fla

IMN logo majestic logo threadwatch logo seochat tools logo