I've just gotten an LDAP server running on a Yellowdog Linux box, but I can't seem to bind to it with PHP except anonymously. I can do command-line queries just fine, and I can bind anonymously from PHP without problem as well. But when I try to pass ldap_bind a username or username and password, I get the following warning:

Warning: ldap_bind(): Unable to bind to server: Invalid DN syntax in /usr/local/webfiles/test.php on line 23

I'm just giving it plaintext usernames and passwords; what more does it want? I've done a fair amount of work with PHP/LDAP binding, and I'm not doing anything substantially different here. Is this maybe a problem with the way I've set up my LDAP server? I've reinstalled LDAP with a different backend since I installed PHP; could that be causing the problem? Thanks for your help.

The code of my test script follows:

$ds = ldap_connect("students.NebrWesleyan.edu");
if ($ds) {
  if (ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3)) {
    echo "Using LDAPv3\n";
  } else {
    echo "Failed to set protocol version to 3\n";
  }
  $basedn = "dc=students,dc=NebrWesleyan,dc=edu";
  $query = "uid=*";
  $username = "saintp";
  $password = "******";
  $r = ldap_bind($ds, $username);
  if ($r) {
    $sr = ldap_search($ds, $basedn, $query);
    $info = ldap_get_entries($ds, $sr);
    print "\n\nusername:";
    print_r($info);
  } else {
    print "username failed, trying user/pass\n";
  }
  $r = ldap_bind($ds, $username, $password);
  if ($r) {
    $sr = ldap_search($ds, $basedn, $query);
    $info = ldap_get_entries($ds, $sr);
    print "\n\nuser/pass:";
    print_r($info);
  } else {
    print "user/pass failed\n";
  }
}

    Anyone have any clue on this?

      You're calling bind on two LDAP connections... try moving that } from before the second $r to after that block. That way, if a successful connection is made to begin with, it doesn't try to connect again (which might not help 😉)

      Give us a shout if you need more help

      dave

        That didn't work. Both bind statements give the error, too, not just the second one. I also looked at some old code and tried changing my username to this:

        $username = "uid=saintp," . $basedn;

        That way, I'm using a fully qualified DN (as has worked before), not just a bare username (as the PHP manual shows). But that still didn't work.

          Got it working, kind of. I'm no longer getting invalid DN syntax errors (the change to use a fully qualified DN as username fixed that), but instead the server is unwilling to bind. I think that's an slapd config problem, though.

            Write a Reply...