Bug, the function parameters are sent incorrectly to the server
Look at:
http://bugs.php.net/bug.php?id=39291
ldap_sasl_bind
(PHP 5)
ldap_sasl_bind — Authenticate to the LDAP server using SASL
Description
bool ldap_sasl_bind ( resource $link [, string $binddn = NULL [, string $password = NULL [, string $sasl_mech = NULL [, string $sasl_realm = NULL [, string $sasl_authc_id = NULL [, string $sasl_authz_id = NULL [, string $props = NULL ]]]]]]] )
Warning
This function is not documented; only the argument list is available.
Return Values
This function returns TRUE on success or FALSE if an error occurs.
Notes
Note: Requirements
ldap_sasl_bind() requires SASL support (sasl.h). Make sure the --with-ldap-sasl configuration option is used when compiling PHP, otherwise this function will not be defined.
Changelog
| Version | Description |
|---|---|
| 5.3.3 | Windows support was added. |
dahgdevash at gmail dot com ¶
6 years ago
devel at romanr dot info ¶
8 months ago
There is some reentrancy bug: you can't use this function several times in a single process. The PHP process (Apache or FastCGI) should be restarted. Consider PHP_FCGI_MAX_REQUESTS=1
dwhite at olp dot net ¶
5 years ago
With the patch introduced in the bug below (which has been included in CVS), the parameters for this function should be:
bool ldap_sasl_bind ( resource $link [, string $binddn [, string $password [, string $sasl_mech [, string $sasl_realm [, string $sasl_authc_id [, string $sasl_authz_id [, string $props]]]]]]] )
Some example calls:
$r=ldap_sasl_bind ( $ds, NULL, 'mysecret', 'DIGEST-MD5', NULL, 'jimmy');
With authz_id, specifying a dn:
$r=ldap_sasl_bind ( $ds, NULL, 'mysecret', 'DIGEST-MD5', NULL, 'jimmy', 'dn:uid=tommy,ou=people,dc=example,dc=com');
With authz_id, specifying a SASL username:
$r=ldap_sasl_bind ( $ds, NULL, 'mysecret', 'DIGEST-MD5', NULL, 'jimmy', 'u:tommy');
Also, since SASL authentication was introduced in LDAP version 3,
you may need to explicitly set the version number with:
ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
Caleb Callaway ¶
1 year ago
Code snippet demonstrating how to establish a TLS-encrypted connection to an OpenLDAP server from an Apache webserver and authenticate using a user's Kerberos credentials. Credentials MUST be delegated to the web server for this method to work.
<?php
// Use the Kerberos credential cache that Apache exposes for the delegated user.
putenv("KRB5CCNAME={$_SERVER['KRB5CCNAME']}");

$resource = ldap_connect("ldap.example.com")
    or die("Failed to connect to LDAP server.");
echo "Connected to LDAP server.<br />";

// These options may not be necessary in all environments.
ldap_set_option($resource, LDAP_OPT_PROTOCOL_VERSION, 3);
ldap_set_option($resource, LDAP_OPT_REFERRALS, 0);

// Upgrade the connection to TLS before authenticating.
$result = ldap_start_tls($resource)
    or die("Failed to start TLS");
echo "Started TLS.<br />";

// GSSAPI bind: no bind DN or password, the Kerberos ticket is the credential.
$result = ldap_sasl_bind($resource, NULL, '', 'GSSAPI', 'EXAMPLE.COM', '', '')
    or die("Failed to GSSAPI bind.<br />");
echo "GSSAPI bound.";
?>
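
The points made in the notes above (LDAPv3 before SASL, the dn: and u: forms of authz_id, StartTLS before the bind) combined in one helper, as an added example that is not part of the manual or of any contributor's note. The function names build_authz_id() and sasl_bind_over_tls() are hypothetical, and the code assumes PHP 7.1 or later with the ldap extension, where ldap_set_option() accepts NULL as the link to set a global option.

```php
<?php
// Added example; build_authz_id() and sasl_bind_over_tls() are hypothetical names.

// Build an RFC 4513 authzId ("dn:<DN>" or "u:<userid>") from a fixed kind plus a
// value, so the caller, not the input string, decides which form is used.
function build_authz_id($kind, $value)
{
    if ($value === '' || preg_match('/[\x00-\x1f\x7f]/', $value)) {
        throw new InvalidArgumentException('authz id is empty or has control characters');
    }
    if ($kind === 'u') {
        return 'u:' . $value;
    }
    // ldap_explode_dn() returns false when the string is not a parseable DN.
    if ($kind === 'dn' && ldap_explode_dn($value, 0) !== false) {
        return 'dn:' . $value;
    }
    throw new InvalidArgumentException('authz id must be a userid or a valid DN');
}

// Connect, force LDAPv3, require a verified StartTLS session, then SASL-bind.
// Returns the bound link or throws with the library's error text.
function sasl_bind_over_tls($uri, $password, $mech, $authc_id, $authz_id = '')
{
    // Set globally before connecting: reject servers whose certificate fails validation.
    ldap_set_option(null, LDAP_OPT_X_TLS_REQUIRE_CERT, LDAP_OPT_X_TLS_DEMAND);
    $ds = ldap_connect($uri);
    if ($ds === false) {
        throw new RuntimeException('ldap_connect() rejected the URI');
    }
    if (!ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3)) {   // SASL needs LDAPv3
        throw new RuntimeException('cannot select LDAPv3');
    }
    if (!@ldap_start_tls($ds)) {                                  // no TLS, no bind
        throw new RuntimeException('StartTLS failed: ' . ldap_error($ds));
    }
    // Argument order: link, binddn, password, mech, realm, authc_id, authz_id.
    if (!@ldap_sasl_bind($ds, null, $password, $mech, null, $authc_id, $authz_id)) {
        $why = ldap_error($ds);
        ldap_unbind($ds);
        throw new RuntimeException('SASL bind failed: ' . $why);
    }
    return $ds;
}

// Constructed sample values, taken from the example calls in the note above.
$authz = build_authz_id('dn', 'uid=tommy,ou=people,dc=example,dc=com');
// $ds = sasl_bind_over_tls('ldap://ldap.example.com', 'mysecret', 'DIGEST-MD5', 'jimmy', $authz);
```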
