LDAP bind error accessing AD: Can't contact LDAP server

Question

I am new to LDAP, and fairly new to PHP; I'm trying to access Active Directory. The following ldapsearch command works at a shell prompt:

ldapsearch -H ldap://healthdiagnostics.local -b ou='All HD Users',dc=healthdiagnostics,dc=local -D admin.mchristie@healthdiagnostics.local -w 'mypassword'

so I assume that means that healthdiagnostics.local is accepting LDAP requests. In PHP, if I do this:

$ds = ldap_connect("ldap://healthdiagnostics.local");

I get success, but my understanding is that ldap_connect will return success on anything that parses as a URL, so that doesn't tell me much. Then for the bind:

$r=ldap_bind($ds,'admin.mchristie@healthdiagnostics.local','mypassword');

which gives me this error:

Warning: ldap_bind(): Unable to bind to server: Can't contact LDAP server in /var/www/webapp.hmca2.com/public_html/terms.php on line 24

Some searching and reading made me think I needed a connection string, so I tried these:

$r=ldap_bind($ds,'uid=admin.mchristie@healthdiagnostics.local,ou=Administrators,dc=healthdiagnostics,dc=local', 'password');
$r=ldap_bind($ds,'uid=admin.mchristie,ou=Administrators,dc=healthdiagnostics,dc=local','password');

with the same result. This makes me think I don't have a successful connection from the ldap_connect step, but I don't see how to figure out the problem. Searching old answers here I found a suggestion to add "TLS_REQUEST allow" to ldap.conf, which I've done to no benefit. Any help would be appreciated.

Answer 1

To enable LDAP, you would also need to install a CA certificate for the LDAP and update your LDAP configuration file with the certificate information. There are some guides online depending on what OS you are using.