I am trying to do log-ins to an intranet site for work. I’ve got ldap working to the point where I can authenticate as the domain administrator and perform a basic search in php. If I try to use my log in (which is a member of the administrators group) or a test user account, I cannot authenticate. The users I am testing with are in the same OU, I also tried giving domain users read and execute security rights to the php_ldap.dll file of the webserver.

I’m working on a windows 2k domain
my webserver is running a WAMP 2 in win 2003 install that includes php 5.2.9 and apache 2.2.11

Please ask if there is any additional information needed.

Here is the code I am using to handle the login process:

<?php
include (‘functions.php’);
include (‘config.php’);

session_start();

$username = $_POST[‘username’]; #needs security methods
$password = $_POST[‘password’]; #needs security methods

$ldaprdn = ‘example.org/Users/’.$username; // ldap rdn or dn
$ldappass = $password; // associated password

$ds=ldap_connect(LDAP_SERVER); // must be a valid LDAP server!
echo "connect result is " . $ds . “<br />”;

if ($ds) {
echo “Binding …”;

$r=ldap_bind($ds, $ldaprdn, $ldappass);

if ($r == 1) {

$_SESSION['valid_user'] = $username;

} else {

if (isset($_SESSION[‘failed’]) == true) {
$_SESSION[‘failed’] = $_SESSION[‘failed’] + 1;
} else {
$_SESSION[‘failed’] = 1;
}

}
echo “Closing connection”;
ldap_close($ds);
}

header (‘location: helpdesk.php’);

?>

helpdesk.php checks to see if you have a valid session and attempts to build a dashboard page if a session username was created or not. As mentioned it is only working as administrator and no other users.

Thanks in advance for any insight.