Le 6 juillet 2010 15:17, Clément OUDOT <[email protected]> a écrit : > ----- Message d'origine ----- > >> Hello, >> >> I´ve got a problem with the self service password tool. >> I´d like to change the password of a Windows 2008 R2 directory. >> I´m testing the tool on a Windows XP machine. >> With other ldap tools I can connect with ssl to the AD. >> LSC works fine with ldaps. >> >> But with the tool I´m not able to get a connection: >> >> Warning: ldap_bind() [function.ldap-bind]: Unable to bind to server: >> Can't contact LDAP server in C:\Programme\Apache Software >> Foundation\Apache2.2\htdocs\index.php on line 111 >> >> >> >> My configuration: >> >> # LDAP >> $ldap_url = "ldaps://141.69.121.117"; >> $ldap_binddn = "cn=Administrator,cn=Users,dc=test,dc=local"; >> $ldap_bindpw = "xxx"; >> $ldap_base = "dc=test,dc=local"; >> $ldap_filter = "(&(objectClass=user)(sAMAccountName={login}))"; >> >> # Active Directory mode >> # true: use unicodePwd as password field >> # false: LDAPv3 standard behavior >> $ad_mode = true; >> >> # Samba mode >> # true: update sambaNTpassword and sambaPwdLastSet attributes too >> # false: just update the password >> # Warning: this require mhash() to be installed on your system >> $samba_mode = false; >> >> # Hash mechanism for password: >> # SSHA >> # SHA >> # SMD5 >> # MD5 >> # CRYPT >> # clear (the default) >> # This option is not used with ad_mode = true >> $hash = "clear"; >> >> # Local password policy >> # This is applied before directory password policy >> # Minimal length >> $pwd_min_length = 0; >> # Maximal length >> $pwd_max_length = 0; >> # Minimal lower characters >> $pwd_min_lower = 0; >> # Minimal upper characters >> $pwd_min_upper = 0; >> # Minimal digit characters >> $pwd_min_digit = 0; >> # Show policy constraints message >> $pwd_show_policy = false; >> >> # Who changes the password? >> # user: the user itself >> # manager: the above binddn >> $who_change_password = "user"; >> >> # Language >> $lang ="de"; >> >> # Logo >> $logo = "style/ltb-logo.png"; >> >> # Debug mode >> $debug = true; >> ?> >> > > > > Hello, > > your configuration looks ok. You have to find how to handle LDAP > certificates with PHP on windows. On Linux, we have the > /etc/openldap/ldap.conf to do that. > > I'm interested in the answer if someone find it. >
Hi, I Already done that. If I remember, PHP does not fail when there is an invalid hostname. See http://fr.php.net/manual/fr/function.ldap-connect.php#36156 The error described below looks like the server is unreachable on 636 port. With Active Directory, you could install the certificate authority service (or public key service) in administration tools (win menu > administration tools), to generate a server certificate. Cheers, Thomas. -- Thomas Chemineau _______________________________________________ ltb-users mailing list [email protected] http://lists.ltb-project.org/listinfo/ltb-users
