2023-05-16

PHP LDAP Connections after Server Change

I am decommissioning our old web server that is hosting our OFFLINE website that uses LDAP for logins.

The site is running on XAMPP, and I have copied over all the databases and the website to the new server. I am upgrading from XAMPP 8.0.0.0 to XAMPP 8.2.4. I am only using Apache and MySQL. I can get to the site, but I am unable to authenticate with LDAP as I can with the old server. In the code for the authentication it will not bind. I am not sure why. The LDAP servers have been restarted since turning on the new server and getting it in place. People are able to log in through A/D on their machines without a problem.

    function authenticateUser($user, $password) {
        $host   = "DC01";
        $domain = "DOMAIN.NET";
        $basedn = "dc=DOMAIN,dc=NET";
        $group  = "Users";
        // ldap_connect() with a URI only initialises the handle; the TCP/TLS
        // connection is actually opened at ldap_bind(), so this rarely fails on its own.
        $ad = ldap_connect("ldaps://{$host}.{$domain}:636") or die('Could not connect to LDAP server.');
        ldap_set_option($ad, LDAP_OPT_PROTOCOL_VERSION, 3);
        ldap_set_option($ad, LDAP_OPT_REFERRALS, 0);
        // Simple bind using the UPN. The '@' suppresses the warning, so the reason
        // for a failed bind is hidden (ldap_error($ad) would still return it).
        if (@ldap_bind($ad, "{$user}@{$domain}", $password) == TRUE) {
            // ldapGetDN() and ldapCheckGroup() are helpers defined elsewhere in the site (not shown here).
            $userdn = ldapGetDN($ad, $user, $basedn);
            if (ldapCheckGroup($ad, $userdn, ldapGetDN($ad, $group, $basedn))) {
                // echo "You're authorized as ";
                $userCheck = 1;
            }
            else {
                // echo "Authorization failed";
                $userCheck = 0;
            }
        }
        else {
            // echo "Could not bind to AD ";
            $userCheck = 0;
        }
        return $userCheck;
    }

In the XAMPP extensions I have ldap enabled, but it won't authenticate. It looks like it goes to the else branch and not the if (@ldap_bind($ad, "{$user}@{$domain}", $password) == TRUE) {

What am I missing for the authentication? The server has a valid cert issued by the CA.

UPDATE: I checked the php.ini, and the 8.2.4 one has a note that extension=ldap must be placed before extension=curl if OpenSSL 1.0.2 or OpenLDAP is used, or it results in a segfault when unloading after using SASL. So I have ldap after curl. Either way I am still getting a bind error: I am unable to bind.
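The `@` in front of `ldap_bind()` in the posted function throws away the one thing that would answer the question: the error the LDAP library actually returned. The script below is an added diagnostic example, not code from the original post or site. It performs the same UPN bind without the suppression, reads the error number, error string and the server/library diagnostic message, and sets the TLS trust options explicitly. The CA file path, host, domain and user name are assumptions; the point about trust is that the OpenLDAP library bundled with XAMPP's PHP does not use the Windows certificate store, so a CA that Windows trusts is not automatically a CA that PHP's LDAP extension trusts.

```php
<?php
// Added diagnostic script (not part of the original post). It reproduces the
// bind that authenticateUser() performs, but without '@', so the real LDAP
// error, the diagnostic message and the TLS settings in play become visible.
// Host, domain, user, CA file path and environment variable name are assumptions.
declare(strict_types=1);

// Assumed: the CA that issued DC01's certificate, exported as a PEM file.
// OpenLDAP (used by PHP's ldap extension on XAMPP) does not read the Windows
// certificate store; the CA must be named here or in that build's ldap.conf.
const CA_FILE = 'C:/xampp/apache/conf/ssl.crt/domain-ca.pem';

function diagnoseBind(string $host, string $domain, string $user, string $password): array
{
    // TLS options are process-global in OpenLDAP and must be set (with a null
    // connection) before ldap_connect(). LDAP_OPT_X_TLS_DEMAND verifies the
    // server certificate and fails the handshake if it is not trusted.
    // Do NOT switch to LDAP_OPT_X_TLS_NEVER or LDAP_OPT_X_TLS_ALLOW to "make it
    // work": that accepts any certificate and lets anyone on the path
    // impersonate the domain controller and collect users' passwords.
    ldap_set_option(null, LDAP_OPT_X_TLS_CACERTFILE, CA_FILE);
    ldap_set_option(null, LDAP_OPT_X_TLS_REQUIRE_CERT, LDAP_OPT_X_TLS_DEMAND);

    // With a URI, ldap_connect() only initialises the handle; nothing is sent
    // to the server until the bind, which is why failures surface at ldap_bind().
    $ad = ldap_connect("ldaps://{$host}.{$domain}:636");
    if ($ad === false) {
        return ['ok' => false, 'stage' => 'connect', 'errno' => 0, 'error' => 'malformed LDAP URI', 'diag' => ''];
    }
    ldap_set_option($ad, LDAP_OPT_PROTOCOL_VERSION, 3);
    ldap_set_option($ad, LDAP_OPT_REFERRALS, 0);

    // No '@': let the warning reach the PHP log, then read the precise error.
    $bound = ldap_bind($ad, "{$user}@{$domain}", $password);

    $result = [
        'ok'    => $bound,
        'stage' => 'bind',
        'errno' => ldap_errno($ad),   // e.g. 49 = invalid credentials, -1 = can't contact server
        'error' => ldap_error($ad),
        'diag'  => '',
    ];
    // Server- or library-side detail lives in the diagnostic message: for a
    // TLS failure it names the handshake/verification problem, for a rejected
    // AD bind it carries the "data 52e"-style sub-code.
    $diag = null;
    if (ldap_get_option($ad, LDAP_OPT_DIAGNOSTIC_MESSAGE, $diag) && $diag !== null) {
        $result['diag'] = (string) $diag;
    }
    ldap_unbind($ad);
    return $result;
}

// Usage (assumed values). Run from the new server's XAMPP PHP CLI so the same
// php.ini and the same bundled OpenLDAP/OpenSSL are exercised as under Apache:
//   set LDAP_TEST_PASSWORD=...   (then)   php diagnose_bind.php
$r = diagnoseBind('DC01', 'DOMAIN.NET', 'jdoe', getenv('LDAP_TEST_PASSWORD') ?: '');
printf("bind %s at %s: [%d] %s\n%s\n",
    $r['ok'] ? 'OK' : 'FAILED', $r['stage'], $r['errno'], $r['error'], $r['diag']);
```

Two things are worth checking alongside this. First, `php -m` from the XAMPP CLI confirms whether `ldap` is loaded at all, and `php -i` prints the ldap section with the vendor (OpenLDAP) and library versions that changed with the XAMPP upgrade; a bind that worked on 8.0 and fails on 8.2 with "Can't contact LDAP server" (errno -1) and a TLS reason in the diagnostic message points at trust or cipher configuration rather than at credentials. Second, once the bind works again, `$user` should be passed through `ldap_escape($user, '', LDAP_ESCAPE_FILTER)` before it is used to build the search filter inside `ldapGetDN()`, since the login form hands that value straight to the directory.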


