I'm wondering how to authenticate against ApacheDS in PHP. I keep getting a "Invalid Credentials" when I try to log on as a user in a group. I can log in as "uid=admin,ou=system" just fine, but if I try "uid=,ou=consumers,ou=system", it returns "Invalid Credentials".
It is important to note that this is not the full DN of the entry. It's more like "uid=...+gn=...+...,ou=consumers,ou=system". I can search and find this value just fine when bound to the administrator and the API account.
How do I bind to a user just to authenticate and retrieve information on them (like the rest of their attributes and the children of their entry? Here's what I'm doing and failing.
$dn = ldap_connect($serveraddress,10389);
$bn = ldap_bind("uid=".$user.",ou=consumers,ou=system");
var_dump($bn);
var_dump(ldap_error($dn);
Thank you for any help you can provide.
Edit: So I've gotten farther. Why is this a protocol error?
$ds=ldap_connect("192.168.1.126",10389); // must be a valid LDAP server!
if ($ds) ldap_bind($ds,"uid=apiaccess,ou=system",...);
else die("!Can't connect to server");
$userid = md5($user);
$results = ldap_get_entries($ds,ldap_search($ds,"ou=consumers,ou=system","(uid=".$userid.")"));
$result = $results[0]["dn"];
echo $result;
if ($ds) ldap_bind($ds,$result,$pass);
else die("!Can't connect to server");
var_dump(ldap_error($ds));
You need to tell PHP to use LDAPv3.
Before you call ldap_bind, add the following call: