Hello,
I have been trying to search out how to setup my Redhat server so that
php can use ldap over ssl to connect to an active directory server. I
have the server ca cert, but I'm not finding a clear answer of what to
do with it to get php to work.
Any suggestions? Thanks!
LDAP SSL Bind to Active Directory 2003
Moderator: General Moderators
First you need to bind to connect to the server using ldap_connect(). After that, you need to bind to the server as a particular user using ldap_bind(). If you're using ldap as a credential check, then that's all you need.
If you're searching your Active Directory for values though, you'll need to set up a filter (similar to: (cn=joeUser), a search context (similar to ou=organizationalGroup,o=yourOrganization) and do an ldap_list(). Finally, you'll need to do an ldap_get_entries() call on the results of that list and then you'll finally have your data.
There may be other ways of using LDAP, but that's how I do it.
If you're searching your Active Directory for values though, you'll need to set up a filter (similar to: (cn=joeUser), a search context (similar to ou=organizationalGroup,o=yourOrganization) and do an ldap_list(). Finally, you'll need to do an ldap_get_entries() call on the results of that list and then you'll finally have your data.
There may be other ways of using LDAP, but that's how I do it.
Real programmers don't comment their code. If it was hard to write, it should be hard to understand.
I can bind to the server just fine, my problem is that i want to connect to the ldap server using ssl. And there doesnt appear to be much, or any documenation on how to accomplish this.
I have the CA Cert from the Active Directory Server, I just don't know where to place it so that php can find it.
Does anyone have any idea on this?
I have the CA Cert from the Active Directory Server, I just don't know where to place it so that php can find it.
Does anyone have any idea on this?
Hmm, I've never had that problem. Is OpenSSL configured properly? I imagine LDAP is using OpenSSL for its secure connections, so if the certificate is accessible from OpenSSL, it should work.
I use Novell NDS at work, and I'm not sure how its different from Active Directory.
I use Novell NDS at work, and I'm not sure how its different from Active Directory.
Real programmers don't comment their code. If it was hard to write, it should be hard to understand.