php-windows Digest 23 Oct 2006 08:45:24 -0000 Issue 3061

Mon, 23 Oct 2006 01:46:27 -0700 

php-windows Digest 23 Oct 2006 08:45:24 -0000 Issue 3061

Topics (messages 27247 through 27249):

Re: Using PHP to Bind over LDAPS.
        27247 by: Bowden, Zeb
        27248 by: Phillip Terry

PHP_PRINTER.DLL prints from shell but not from web
        27249 by: Robert

Administrivia:

To subscribe to the digest, e-mail:
        [EMAIL PROTECTED]

To unsubscribe from the digest, e-mail:
        [EMAIL PROTECTED]

To post to the list, e-mail:
        [email protected]


----------------------------------------------------------------------
--- Begin Message --- 
This is happening because as far as PHP/OpenLDAP are concerned it
doesn't trust your CA. 
By default it's going to look in c:\openldap\sysconf for an ldap.conf
file. Create a c:\openldap\sysconf\ldap.conf with this on the first
line:
TLS_REQCERT never

Then you may need to restart IIS to get it to re-read that file.

This is just a workaround, you can read up on openldap and how to
configure it if you actually want to pay attention to the certs you're
using. You can also use environment variables (I think they are LDAPRC
(user settings) and LDAPCONF (system wide)) if you want to change the
location your conf file and/or do more involved things.

Hope this helps...

Zeb Bowden
VT.SETI.IAD.MIG:Systems Architect
http://vtmig.w2k.vt.edu




 

-----Original Message-----
From: Phillip Terry [mailto:[EMAIL PROTECTED] 
Sent: Thursday, October 19, 2006 12:42 PM
To: [email protected]
Subject: [PHP-WIN] Using PHP to Bind over LDAPS.

I configured LDAP for SSL (LDAPS) on the Active Directory (AD) Domain
Controller (DC).
The DC is a Windows 2003 Server box.

To do this I:
1) Setup the DC as a Certificate Authority (CA)
2) Issued a Certificate to itself
3) Issued a Certificate to the client that would be connecting via LDAPS

The client is configured in the following manner:
1) Windows 2003 Server Running IIS
2) PHP 5.0.4 installed
3) LDAP support enabled
    - Uncommented the php_ldap.dll extension
    - Copied the php_ldap.dll file into the appropriate directory
    - Restarted IIS

Using the LDP tool, I was able to connect and bind via ports 389, 636,
and 3269.

Here is the code I am using to attempt the bind:


<?php

$host = "ldaps://server.addomain.domain.com";
$un = "jdoe";
$pw = "password";

$lc = ldap_connect($host);

ldap_set_option($lc, LDAP_OPT_PROTOCOL_VERSION, 3);
ldap_set_option($lc, LDAP_OPT_REFERRALS, 0);

$lb = ldap_bind($lc, $un, $pw);

ldap_close($lc);

?>


If I change it to ldap://server.addomain.domain.com it functions
correctly.

Is there a secure bind function I should know about?

Thanks for the help!

Phillip

--- End Message ---
--- Begin Message --- 
My Lord, that worked!
I was racking my brain trying to figure that out.
In my searching, I saw some vague references to this ldap.conf, but I just assumed that was for linux boxes. 

I really appreciate the quick response.
I appreciate even more that it worked! :-)

Best Regards,
Phillip
----- Original Message ----- From: "Bowden, Zeb" <[EMAIL PROTECTED]> 
To: <[email protected]>
Sent: Thursday, October 19, 2006 11:56 AM
Subject: RE: [PHP-WIN] Using PHP to Bind over LDAPS.


This is happening because as far as PHP/OpenLDAP are concerned it
doesn't trust your CA.
By default it's going to look in c:\openldap\sysconf for an ldap.conf
file. Create a c:\openldap\sysconf\ldap.conf with this on the first
line:
TLS_REQCERT never

Then you may need to restart IIS to get it to re-read that file.

This is just a workaround, you can read up on openldap and how to
configure it if you actually want to pay attention to the certs you're
using. You can also use environment variables (I think they are LDAPRC
(user settings) and LDAPCONF (system wide)) if you want to change the
location your conf file and/or do more involved things.

Hope this helps...

Zeb Bowden
VT.SETI.IAD.MIG:Systems Architect
http://vtmig.w2k.vt.edu






-----Original Message-----
From: Phillip Terry [mailto:[EMAIL PROTECTED]
Sent: Thursday, October 19, 2006 12:42 PM
To: [email protected]
Subject: [PHP-WIN] Using PHP to Bind over LDAPS.

I configured LDAP for SSL (LDAPS) on the Active Directory (AD) Domain
Controller (DC).
The DC is a Windows 2003 Server box.

To do this I:
1) Setup the DC as a Certificate Authority (CA)
2) Issued a Certificate to itself
3) Issued a Certificate to the client that would be connecting via LDAPS

The client is configured in the following manner:
1) Windows 2003 Server Running IIS
2) PHP 5.0.4 installed
3) LDAP support enabled
   - Uncommented the php_ldap.dll extension
   - Copied the php_ldap.dll file into the appropriate directory
   - Restarted IIS

Using the LDP tool, I was able to connect and bind via ports 389, 636,
and 3269.

Here is the code I am using to attempt the bind:


<?php

$host = "ldaps://server.addomain.domain.com";
$un = "jdoe";
$pw = "password";

$lc = ldap_connect($host);

ldap_set_option($lc, LDAP_OPT_PROTOCOL_VERSION, 3);
ldap_set_option($lc, LDAP_OPT_REFERRALS, 0);

$lb = ldap_bind($lc, $un, $pw);

ldap_close($lc);

?>


If I change it to ldap://server.addomain.domain.com it functions
correctly.

Is there a secure bind function I should know about?

Thanks for the help!

Phillip

--
PHP Windows Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

--- End Message ---
--- Begin Message --- 
Dear Friends, I thank you in advance if you give me 3 minutes of your time.

I've searched the php_printer PECL home page, but can't find it.

I want to report a bug

1) I can't find the home page for that pecl in the pecl web site. 
http://pecl.php.net/packages.php

 2) Before posting it I kindly ask you to tell me if you ever eard it 
before. Searching the whole internet I've found pople asking for it but no 
answers.

3) I tried working to overcome it, but no way.

the bug is this:

php 5.1.2 for windows
pecl extension php_printer.dll for 5.1.2 and also using the 5.1.6

1 SERVER
1 CLIENT sharing one PRINTER

the client shared printer is "mounted" on the server for a simple reason. My 
script printit.php SHOULD print on the client printer...

THE BUG ITSELF IS:
- if I open a command shell on the server and I type and run the following 
command "c:\>c:\program files\php\php.exe c:\www\printit.php" the print 
shoots correctly
- if I run it from the client browser it doesn't 
http://192.168.0.222/printit.php
- if I try to run the same script from within another script with shell_exec 
it doesn't work with the same error
- the returned error is PHP Warning:  printer_write(): couldn't allocate the 
printerjob [5] and obviously is reported for each printer_write code line.
- the apache is 2.0.55 and it is running on a windows xp pro
- the client is another windows xp pro where the printer is shared with 
permission for everybody and for guests (less security than this... is not 
possible)

Did you eard it? Any idea?

Thank you for any tip and answer.

Regards

Roberto - Italy

--- End Message ---

Reply via email to