0

I'm working on OpenLDAP password policy implementation to app. I'm trying to get password is expiring, password expired notifications from OpenLDAP.

I set the current value

$ppolicy_control = array("oid" => "1.3.6.1.4.1.42.2.27.8.5.1","iscritical" => true);

with ldap_set_option() for LDAP_OPT_SERVER_CONTROLS (password policy control)

I still don't get the password policy response from ldap_get_option().

What I have learned, that OpenLDAP C API hasn't implemented LDAP_OPT_SERVER_CONTROLS case on ldap_get_option() method. Checking the packets on Wireshark shows the ppolicy response hooked to the packet.

Is there any workaround to pull the password policy response from OpenLDAP using PHP or OpenLDAP C API?

4

1 回答 1

0

使用 ldap_control_find() API 和宏 LDAP_CONTROL_PASSWORDPOLICYRESPONSE 将其传递给 ldap_parse_passwordpolicy_control() API 以从 LDAP 服务器获取 ppolicy 响应

伪代码

ctrl = ldap_control_find(LDAP_CONTROL_PASSWORDPOLICYRESPONSE)

调用 ldap_parse_passwordpolicy_control(ppolicyinfo.expire ,ppolicyinfograce)

于 2013-09-11T09:40:47.010 回答