Page 1 of 1

PHP MD5 and LDAP

Posted: Wed May 15, 2002 8:38 pm
by rohan.hawthorne
I am trying to do an ldap_compare to check a userPassword attribute against an md5() created string. The results of an ldapsearch -x are:

# rohan hawthorne, users, groove, train, amarda
dn: cn=rohan hawthorne,ou=users,dc=groove,dc=train,dc=amarda
objectClass: simpleSecurityObject
objectClass: account
uid: rohan.hawthorne
userPassword:: e01ENX1yaXNmeWxGWlNlWFZUN0lyanRsVmRRPT0=

I created the entry by doing an ldapadd -f on the following file:

dn: cn=rohan hawthorne,ou=users,dc=groove,dc=train,dc=amarda
objectclass: simpleSecurityObject
objectclass: account
uid: rohan.hawthorne
userPassword: {MD5}risfylFZSeXVT7IrjtlVdQ==

As you can see, the userPassword was created from slappasswd -h {MD5} with the password 'testing' and doesn't look anything like the results of ldapsearch -x.

The code for the ldap_compare (the PHP bit) is as follows:

$ldap = ldap_connect ('localhost');
$dn = "cn=rohan hawthorne,ou=users,dc=groove,dc=train,dc=armada";
$password = md5 ('testing')

if ( ldap_compare( $ldap, $dn, "userPassword", $password) === TRUE)
{ //etc. etc.

But it doesn't work. I'm guessing because if you do an echo of md5('testing') you get this:

ae2b1fca515949e5d54fb22b8ed95575

...which doesn't look like any of the other passwords.

Please help or direct me to someone who can.

Rohan.

Posted: Sun May 19, 2002 9:43 am
by volka
take a look at the user contributed notes for ldap_compare