Hello,

I'm trying to pull the password policy response message from ldap_bind() method: password is expiring, password expired etc.


While checking the packet content from OpenLDAP after ldap_bind() request, with Wireshark, there is a control hooked to the ldap_bind() response, were the message code and message text about password expiration is, but I can't manage to parse that message from response.

I set the password policy request server control before the bind with ldap_set_option().
Any workaround or what am I doing wrong?

<pre>
<?php

$address = 'x.x.x.x';
$dn = 'eduPersonPrincipalName=ex@ex,ou=People,ou=Users,dc=exa,dc=com';
$password = 'secret';

if($link = ldap_connect($address))
{
    ldap_set_option($link, LDAP_OPT_PROTOCOL_VERSION, 3);
$ppolicy_control = array("oid" => "1.3.6.1.4.1.42.2.27.8.5.1","iscritical" => true);
if(!ldap_set_option($link,LDAP_OPT_SERVER_CONTROLS,array($ppolicy_control)))
    {
        echo "SERVER_CONTROLS not set\n";
    }

    if(ldap_bind($link, $dn, $password))
    {
        if($result = ldap_search($link, $dn, '(|(uid=ex))'))
        {
$return = ldap_parse_result($link, $result, $errcode, $matcheddn, $errormsg, $ldapreferrals);
            var_dump($return);
            var_dump($errcode);
            var_dump($matcheddn);
            var_dump($errormsg);
            var_dump($ldapreferrals);

        }
    }
    else
    {
        echo 'Not Bound';
    }
}
ldap_unbind($link);
?>
</pre>

------
REGARDS,
Andrius Kulbis


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to