setting a LDAP password

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
kamme
Forum Newbie
Posts: 4
Joined: Thu Jun 01, 2006 4:01 am

setting a LDAP password

Post by kamme »

Hello, I'm having problems with PHP5 and setting the ldap password.

I can auth and bind and such using and account I've made on the win2003 box, but when I try to make a new account in php I can't bind it because of an 'wrond credentials' error. When I go to the win2003 box and reset the password to the same value (example: when I made the user in php I put in 'buhbuhbuh' as pass, and on the win2003 box I reset the pass to 'buhbuhbuh') I can bind all of a sudden...

I've looked on php.net, google, ... but I didn't find anything that works. I've even used phpldapadmin to set the password, but that didn't work either...

I've been working on it for almost a week now so I'm getting out of idea's...

Any help would be appreciated!
User avatar
pickle
Briney Mod
Posts: 6445
Joined: Mon Jan 19, 2004 6:11 pm
Location: 53.01N x 112.48W
Contact:

Post by pickle »

Setting a password on an account is different than setting other properties. In NDS (Novell's implementation of a Directory Service), this is how I have to do it on my system:

Code: Select all

$update_context = "cn=joeUser,o=MyOrg";
$conn = ldap_connect('ldap://my.ldap.ip');
ldap_bind($conn,$bind_context,$bind_password);

$userdata['userpassword'] = 'submitted password';//the field 'userpassword' will probably change between DS implementations
ldap_mod_replace($conn,$update_context,$userdata);
You should also check to make sure that the user you're binding with has the proper permissions to create a new user AND to set a password - they might be different permissions.
Real programmers don't comment their code. If it was hard to write, it should be hard to understand.
kamme
Forum Newbie
Posts: 4
Joined: Thu Jun 01, 2006 4:01 am

Post by kamme »

First of all, thank you for the reply.

I've allready tried your suggestion, but that didn't work either.

This is a piece of code I am using:

Code: Select all

$userdata["UserPassword"] = "buhbuhbuh";
$result = ldap_mod_replace($ldap, $base_dn, $userdata);
if ($result) 
echo "User modified!<br>" ;
else 
echo "There was a problem!<br>";

ldap_close($ldap);
It tells me:

User modified!

But when I do a bind afterwards, it tells me:

Warning: ldap_bind() [function.ldap-bind]: Unable to bind to server: Invalid credentials in /home/kim/public_html/pas.php on line 47
Could not bind to the LDAP account

Note that it's a windows 2003 server and I'm createing the user as administrator...

I'm really stuck here...
User avatar
pickle
Briney Mod
Posts: 6445
Joined: Mon Jan 19, 2004 6:11 pm
Location: 53.01N x 112.48W
Contact:

Post by pickle »

You should check whatever documentation you have to double-check the variable name for the password. It's 'userpassword' in my particular instance of NDS, but it's almost certainly different in Active Directory.

Have you checked Active Directory documentation to see if it's even possible to change the password via LDAP?
Real programmers don't comment their code. If it was hard to write, it should be hard to understand.
Post Reply