LDAP SSL Bind to Active Directory 2003

axelseaa
Forum Newbie
Posts: 3
Joined: Fri Oct 28, 2005 3:58 pm

Post by axelseaa »

Hello,

I have been trying to search out how to set up my Redhat server so that
php can use ldap over ssl to connect to an active directory server. I
have the server ca cert, but I'm not finding a clear answer of what to
do with it to get php to work.

Any suggestions? Thanks!
pickle
Briney Mod
Posts: 6445
Joined: Mon Jan 19, 2004 6:11 pm
Location: 53.01N x 112.48W

Post by pickle »

First you need to bind to connect to the server using ldap_connect(). After that, you need to bind to the server as a particular user using ldap_bind(). If you're using ldap as a credential check, then that's all you need.

If you're searching your Active Directory for values though, you'll need to set up a filter (similar to: (cn=joeUser)), a search context (similar to ou=organizationalGroup,o=yourOrganization) and do an ldap_list(). Finally, you'll need to do an ldap_get_entries() call on the results of that list and then you'll finally have your data.

There may be other ways of using LDAP, but that's how I do it.
Real programmers don't comment their code. If it was hard to write, it should be hard to understand.

Post by axelseaa »

I can bind to the server just fine; my problem is that I want to connect to the LDAP server using SSL. And there doesn't appear to be much, or any, documentation on how to accomplish this.

I have the CA Cert from the Active Directory Server, I just don't know where to place it so that php can find it.

Does anyone have any idea on this?

Post by pickle »

I think it's as simple as stating your binding address is ldaps:// as opposed to ldap://

Post by axelseaa »

When you connect to an Active Directory server with LDAP over SSL, you need to install the server cert somewhere on the other server that is using PHP to connect to it. I'm having trouble getting PHP to find this cert.

Post by pickle »

Hmm, I've never had that problem. Is OpenSSL configured properly? I imagine LDAP is using OpenSSL for its secure connections, so if the certificate is accessible from OpenSSL, it should work.

I use Novell NDS at work, and I'm not sure how it's different from Active Directory.
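For the question in this thread (where the CA certificate goes so that PHP can use it), an added example that is not code from any poster: PHP's LDAP extension on Linux is built on the OpenLDAP client library, which takes its trusted CA from `TLS_CACERT` in `ldap.conf` (`/etc/openldap/ldap.conf` on Red Hat) or, on PHP 7.1 and later, from `LDAP_OPT_X_TLS_CACERTFILE` as below. The host name, CA path, bind DN and environment variable are placeholders.

```php
<?php
// Added example. All values below are placeholders (assumptions), not from the thread.
const AD_URI  = 'ldaps://dc1.example.com:636';    // must match a name in the server certificate
const CA_FILE = '/etc/openldap/certs/ad-ca.pem';  // PEM (Base-64) export of the AD CA certificate
const BIND_DN = 'svc-web@example.com';

function ad_bind_over_ssl(string $uri, string $caFile, string $dn, string $password)
{
    if (!is_readable($caFile)) {
        throw new RuntimeException("CA file not readable by the PHP user: $caFile");
    }
    // A simple bind with an empty password is treated as an anonymous bind and can
    // succeed, so reject it before using a bind as a credential check.
    if ($password === '') {
        throw new InvalidArgumentException('Empty password refused');
    }

    // TLS settings are global in the OpenLDAP library: set them on null, before connecting.
    ldap_set_option(null, LDAP_OPT_X_TLS_CACERTFILE, $caFile);
    // DEMAND makes the handshake fail when the chain or host name does not verify.
    ldap_set_option(null, LDAP_OPT_X_TLS_REQUIRE_CERT, LDAP_OPT_X_TLS_DEMAND);

    $ld = ldap_connect($uri);  // only parses the URI; nothing is sent yet
    if ($ld === false) {
        throw new RuntimeException("Invalid LDAP URI: $uri");
    }
    ldap_set_option($ld, LDAP_OPT_PROTOCOL_VERSION, 3);
    ldap_set_option($ld, LDAP_OPT_REFERRALS, 0);

    // The TLS handshake and the certificate check happen on this first operation.
    if (!@ldap_bind($ld, $dn, $password)) {
        $detail = '';
        ldap_get_option($ld, LDAP_OPT_DIAGNOSTIC_MESSAGE, $detail);
        throw new RuntimeException('LDAPS bind failed: ' . ldap_error($ld) . " ($detail)");
    }
    return $ld;
}

// The password comes from the environment here (AD_BIND_PASSWORD is a placeholder name).
$ld = ad_bind_over_ssl(AD_URI, CA_FILE, BIND_DN, getenv('AD_BIND_PASSWORD') ?: '');
echo "Bound over LDAPS with the server certificate verified\n";
ldap_unbind($ld);
```

If the bind fails with "Can't contact LDAP server", the usual causes are a CA file the web server user cannot read or a host name in the URI that does not match the certificate.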