I am trying to do log-ins to an intranet site for work. I've got LDAP working to the point where I can authenticate as the domain administrator and perform a basic search in PHP. If I try to use my login (which is a member of the administrators group) or a test user account, I cannot authenticate. The users I am testing with are in the same OU. I also tried giving domain users read and execute security rights to the php_ldap.dll file of the webserver.
I'm working on a Windows 2k domain.
My webserver is running a WAMP 2 install on Win 2003 that includes PHP 5.2.9 and Apache 2.2.11.
Please ask if there is any additional information needed.
Here is the code I am using to handle the login process:
<?php
include('functions.php');
include('config.php');
session_start();

$username = $_POST['username']; #needs security methods
$password = $_POST['password']; #needs security methods

$ldaprdn  = 'example.org/Users/' . $username; // ldap rdn or dn
$ldappass = $password;                        // associated password

$ds = ldap_connect(LDAP_SERVER); // must be a valid LDAP server!
echo "connect result is " . $ds . "<br />";

if ($ds) {
    echo "Binding ...";
    // ldap_bind() returns true when the server accepts the credentials
    $r = ldap_bind($ds, $ldaprdn, $ldappass);
    if ($r == 1) {
        $_SESSION['valid_user'] = $username;
    } else {
        // count failed attempts in the session
        if (isset($_SESSION['failed']) == true) {
            $_SESSION['failed'] = $_SESSION['failed'] + 1;
        } else {
            $_SESSION['failed'] = 1;
        }
    }
    echo "Closing connection";
    ldap_close($ds);
}

header('location: helpdesk.php');
?>
helpdesk.php checks to see if you have a valid session and attempts to build a dashboard page if a session username was created or not. As mentioned, it is only working as administrator and no other users.
Thanks in advance for any insight.
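
A hardened form of the bind step in the login script above, as an added example that is not the poster's code: it rejects an empty password (a simple bind with an empty password is an unauthenticated bind, which a directory can answer with success without checking any credential), restricts the login name, and binds with LDAP v3 and referral chasing off. The helper names, `UPN_SUFFIX`, the character whitelist and the `name@example.org` bind form are assumptions; the bind form presumes each account's userPrincipalName follows that pattern.

```php
<?php
// Added example. UPN_SUFFIX and both function names are assumptions for illustration.
define('UPN_SUFFIX', 'example.org'); // assumed UPN suffix of the AD domain

// Returns a bind identity such as "jdoe@example.org",
// or null when the submitted values must not be sent to the directory.
function build_bind_identity($username, $password)
{
    // Empty password: the server would treat the bind as unauthenticated
    // (RFC 4513, section 5.1.2) and ldap_bind() may still return true.
    if (!is_string($password) || $password === '') {
        return null;
    }
    // Accept only characters expected in a login name (assumed policy).
    if (!is_string($username) || !preg_match('/^[A-Za-z0-9._-]{1,64}$/', $username)) {
        return null;
    }
    return $username . '@' . UPN_SUFFIX;
}

// Returns true only when the directory accepted the user's own credentials.
function ad_authenticate($server, $username, $password)
{
    $identity = build_bind_identity($username, $password);
    if ($identity === null) {
        return false;
    }
    $ds = ldap_connect($server);
    if (!$ds) {
        return false;
    }
    ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3); // AD expects LDAP v3
    ldap_set_option($ds, LDAP_OPT_REFERRALS, 0);        // do not chase referrals
    $ok = @ldap_bind($ds, $identity, $password);        // warning suppressed, result checked
    ldap_close($ds);
    return $ok === true;
}

// Constructed inputs: these validation checks need no directory server.
var_dump(build_bind_identity('jdoe', 'secret'));   // accepted name and password
var_dump(build_bind_identity('jdoe', ''));         // empty password is rejected
var_dump(build_bind_identity('bad name!', 'x'));   // disallowed characters are rejected
```

In the login script, `$_SESSION['valid_user']` would be set only when `ad_authenticate()` returns true, followed by `session_regenerate_id(true)` and an `exit` after the redirect header.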