i'm not sure if i follow you. i have never used ldap to write
authentication scripts as i've only used the .htaccess method.
to retrieve data you need to bind using a username/password combination
that is valid. i guess you could test your user's username/password by
using it to attempt a bind.
the following is copied verbatim from the manual's user notes:
# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #
[EMAIL PROTECTED] (03-Jan-2002 11:46)
It took quite a while to figure out how to do LDAP authentication as
there wasn't a complete example ... just some cryptic notes about
passwords. So, here's what I came up with that works for me:
// $inp_uid contains the user id to be authenticated
// $inp_passwd contains the plain text password to be authenticated
$ds=ldap_connect("ldap.someserver.com");
//substitute the real host name in the previous statement
if ($ds) {
$r=@ldap_bind($ds); // this is an anonymous bind
$st_search="uid=$res_uid";
// need to set the right root search information in next statement.
// Your requirement may be different
$sr=ldap_search($ds,"ou=mycompany.com,o=My Company", "$st_search");
$info = ldap_get_entries($ds, $sr);
for ($i=0; $i<$info["count"]; $i++) {
$dn=$info[$i]["dn"];
}
// I now know the dn needed to authenticate
// now bind to see if the uid and password work
// the password is still plain text
$r=@ldap_bind($ds, $dn, $inp_passwd);
if ($r) {
$str_passok="Yes";
// ldap_bind will return TRUE if everything matches
} else {
$str_passok="No";
// otherwise ldap_bind will return FALSE
}
ldap_close($ds);
} else {
$error_string="Error -- unable to connect to ldap.someserver.com";
}
I'm sure that there's more error checking that needs to be done, but
this provides the basic skeleton....
# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #
Joshua
Richard Whittaker wrote:
>>If on the other hand you actually want to retrieve data from your LDAP
>>system then i suggest reading the manual. it's not actually a lot harder
>>that connecting to RDBMS.
>>
>>I managed to get a working script straight off the manual page.
>>http://www.php.net/manual/en/ref.ldap.php
>
>
> Unfortunately, what I know about LDAP would fit on the head of a very small
> object (I.E. a pin), so I'm still getting used to the whole idea of LDAP...
>
> So, with NDS, I would just do an ldp_bind to the proper tree, with a
> username and password, and testing for that would tell me if the
> Username/Password combination is valid, or would there be something further
> I'd have to do?....
>
> Thanks!
> Richard W.
>
>
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
