Warning: ldap_bind(): Unable to bind to server: Invalid credentials PHP and LDAP

Question

I'm trying to connect to an LDAP server to authenticate user credentials.

I've found a few users with this same issue but their solutions did not work for me.

here's what I'm using:

<?php
define('LDAP_SERVER', 'LDAP://pdc.mydomain.com');
define('LDAP_PORT', 389);
define('LDAP_TOP', 'dc=mydomain,dc=com');
if(isset($_POST['username']))
{
    if(!($ds = ldap_connect(LDAP_SERVER, LDAP_PORT)))
    {
        die ("Could not connect to mydomain domain");
    }
    $un = $_POST['username'].",".LDAP_TOP;
    //echo stripslashes($un)."<br>";
    $ldapbind = ldap_bind($ds, stripslashes($un), $_POST['password']);
    if($ldapbind)
        echo "login success";
    else
        echo "login failed";
}
?>

I've tried using "mydomain\myusername" and just "myusername".

I added the stripslashes() function when neither worked to test that, and still no dice.

the error I get every time is: Warning: ldap_bind(): Unable to bind to server: Invalid credentials

any help would be greatly appreciated

TIA

Answer 1

Check whether your login and pass correct. And before the login add domain. See in example bottom (HQ\login):

<?php
$login = 'HQ\student';
$password = 'MYPASS';
        
$ldap_link = ldap_connect('pdc.bc') or die("Sorry, could not connect to LDAP server.");

$ldapbind = @ldap_bind($ldap_link, $login, $password) or die ("Error trying to bind: ".ldap_error($ldap_link));
?>

Answer 2

I know it is a pretty old question and if you still need an answer then what happens if you run this code in a single php file?

$username = 'hello';
$password = '123123';
$server = '192.168.32.4';
$domain = '@yourdomain.local';
$port = 389;

$connection = ldap_connect($server, $port);
if (!$connection) {
    exit('Connection failed');
}

// Help talking to AD
ldap_set_option($connection , LDAP_OPT_PROTOCOL_VERSION, 3);
ldap_set_option($connection , LDAP_OPT_REFERRALS, 0);

$bind = @ldap_bind($connection, $username.$domain, $password);
if (!$bind) {
    exit('Binding failed');
}

// This is where you can do your work
echo 'Hello from LDAP';

ldap_close($connection );

More info is here.

Answer 3

I used these functions:

function authenticate($username, $password){
    include 'conf/config.inc.php';

    $ldap_Userdn = getUserDN($username);

    if($ldap_Userdn!=""){
        $ldap_con = ldap_connect($ldap_hostname,$ldap_port);
        ldap_set_option($ldap_con, LDAP_OPT_PROTOCOL_VERSION, 3);

        if(ldap_bind($ldap_con, $ldap_Userdn, $password)){
            return true; 
        } else  {
            //echo "<br>Error bind checkPassword function<br>";
            return false;
        }
    } else {
        echo "Error to find user DN" . ldap_error($ldap_con);
    }

    ldap_close($ldap_con);
}

function getUserDN($username){
    include 'conf/config.inc.php';

    $data = "";

    $ldap_con = ldap_connect($ldap_hostname,$ldap_port);
    ldap_set_option($ldap_con, LDAP_OPT_PROTOCOL_VERSION, 3);
    ldap_set_option($ldap_con, LDAP_OPT_REFERRALS, 0);

    if(ldap_bind($ldap_con, $ldap_dn, $ldap_password)){
        $filter="(cn=$username)";
        $dn=$ldap_search; //even if it seems obvious I note here that the dn is just an example, you'll have to provide an OU and DC of your own

        $res = ldap_search($ldap_con, $ldap_search, $filter);
        $first = ldap_first_entry($ldap_con, $res);
        $data = ldap_get_dn($ldap_con, $first);

    } else {
        echo "<br>Error bind getUserDN function<br>" . ldap_error($ldap_con);
    }

    ldap_close($ldap_con);
    return $data;
}

an this is my config.inc.php:

<?php
$ldap_hostname = "my openldap IP";
$ldap_port = "389";
$ldap_dn = "cn=Manager,dc=mydomain,dc=com";
$ldap_search = "dc=mydomain,dc=com";
$ldap_password ="my password";
?>