好的,我已经改变了我以前的代码。我还发现我没有开发版本!:/
我的新代码构造得更好,但我无法理解 LDAP_SEARCH 位,我得到的错误是:
错误:
Warning: ldap_search(): Search: Operations error in C:\inetpub\wwwroot\Intranet\login\index.php on line 34
Search on LDAP failed
我的代码:
<?php
// Application specific LDAP login
$app_user = 'cn=users,dc=DOMAIN, dc=local';
$app_pass = '';
// User-provided info (either from _POST or any way else)
// You should LDAP-escape $username here since it will be
// used as a parameter for searches, but it's not a
// subject of this article. That one will follow soon. :-)
$username = 'USERNAME';
$password = PASSWORD;
// Here we'll put user's DN
$userdn = 'users';
// Connect to LDAP service
$conn_status = ldap_connect('SERVER.DOMAIN.local', 389);
if ($conn_status === FALSE) {
die("Couldn't connect to LDAP service");
}
// Bind as application
$bind_status = ldap_bind($conn_status, $app_user, $app_pass);
if ($bind_status === FALSE) {
die("Couldn't bind to LDAP as application user");
}
// Find the user's DN
// See the note above about the need to LDAP-escape $username!
$query = "(&(uid=" . $username . ")(objectClass=user))";
$search_base = "cn=users,dc=DOMAIN, dc=local";
$search_status = ldap_search(
$conn_status, $search_base, $query, array('dn')
);
if ($search_status === FALSE) {
die("Search on LDAP failed");
}
// Pull the search results
$result = ldap_get_entries($conn_status, $search_status);
if ($result === FALSE) {
die("Couldn't pull search results from LDAP");
}
if ((int) @$result['count'] > 0) {
// Definitely pulled something, we don't check here
// for this example if it's more results than 1,
// although you should.
$userdn = $result[0]['dn'];
}
if (trim((string) $userdn) == '') {
die("Empty DN. Something is wrong.");
}
// Authenticate with the newly found DN and user-provided password
$auth_status = ldap_bind($conn_status, $userdn, $password);
if ($auth_status === FALSE) {
die("Couldn't bind to LDAP as user!");
}
print "Authentication against LDAP succesful. Valid username and password provided.";
?>
背景资料:
服务器在我们的域上,并从网络内部连接,因为该服务是一个内部网,不会从外部暴露给互联网。