2012/5/11 Sven Amme <[email protected]>: > Hallo, > > I try to configure the ssp 0.7 to access our Active Directory (Windows > Server 2003 SP2). > > Error: ldap_bind () [function.ldap-bind]: Unable to bind to server: Invalid > credentials in / opt / self-service password / pages / change.php on line 84 >
This error means you have a wrong binddn or bindpw. > Here is my config.inc.php: > > $ldap_url = "ldap://192.168.0.2";; > $ldap_binddn = "cn=admin,ou=Users,dc=oste,dc=de"; > $ldap_bindpw = "1234567"; > $ldap_base = "ou=Users,dc=oste,dc=de"; > $ldap_filter = "(&(objectCategory=user)(sAMAccountName={login}))"; > #(!(userAccountControl:1.2.840.113556.1.4.803:=2)))"; > #$ldap_filter = "(&(objectClass=user)(sAMAccountName={login}))"; > #$ldap_filter = "(&(objectClass=person)(uid={login}))"; > > # Active Directory mode > # true: use unicodePwd as password field > # false: LDAPv3 standard behavior > $ad_mode = true; > # Force account unlock when password is changed > $ad_options['force_unlock'] = true; > # Force user change password at next login > $ad_options['force_pwd_change'] = false; > > # changes the password? > # Also applicable for question/answer save > # user: the user itself > # manager: the above binddn > $who_change_password = "manager"; > > The user "admin" is a member of the group "Domain Admins". > > I have already created a certificate on the DC. Does the certificate on the > server with SSP import? And if so, how? > I've also tried the following: > $ldap_url = ldaps://192.168.0.2; > $ldap_url = ldaps://192.168.0.2:389; The second will ot work, as 389 port is the LDAP port, not LDAPS port. The first one is good. > > Unfortunately, with the error: Can not contact LDAP > > What have I missed? Have modified the ldap.conf file? See http://ltb-project.org/wiki/documentation/self-service-password/latest/config_ldap Clément. _______________________________________________ ltb-users mailing list [email protected] http://lists.ltb-project.org/listinfo/ltb-users
